Improve documentation of the CREATEROLE attibute.
In user-manag.sgml, document precisely what privileges are conveyed
by CREATEROLE. Make particular note of the fact that it allows
changing passwords and granting access to high-privilege roles.
Also remove the suggestion of using a user with CREATEROLE and
CREATEDB instead of a superuser, as there is no real security
advantage to this approach.
Elsewhere in the documentation, adjust text that suggests that
<literal>CREATEROLE</literal> only allows for role creation, and
refer to the documentation in user-manag.sgml as appropriate.
Patch by me, reviewed by Álvaro Herrera
Discussion: http://postgr.es/m/CA+TgmoZBsPL8nPhvYecx7iGo5qpDRqa9k_AcaW1SbOjugAY1Ag@mail.gmail.com
Branch
------
REL_15_STABLE
Details
-------
https://git.postgresql.org/pg/commitdiff/aa26980ca0813200c25b06e3ad0f54d449cce8b2
Modified Files
--------------
doc/src/sgml/ref/alter_role.sgml | 2 +-
doc/src/sgml/ref/create_role.sgml | 10 ++++-----
doc/src/sgml/ref/createuser.sgml | 18 ++++++++++-----
doc/src/sgml/user-manag.sgml | 47 +++++++++++++++++++++++++++------------
4 files changed, 52 insertions(+), 25 deletions(-)