aboutsummaryrefslogtreecommitdiff
path: root/doc/src/sgml/ref/create_role.sgml
diff options
context:
space:
mode:
Diffstat (limited to 'doc/src/sgml/ref/create_role.sgml')
-rw-r--r--doc/src/sgml/ref/create_role.sgml9
1 files changed, 3 insertions, 6 deletions
diff --git a/doc/src/sgml/ref/create_role.sgml b/doc/src/sgml/ref/create_role.sgml
index f4a176bff3f..240c21ce85f 100644
--- a/doc/src/sgml/ref/create_role.sgml
+++ b/doc/src/sgml/ref/create_role.sgml
@@ -196,16 +196,13 @@ CREATE ROLE <replaceable class="PARAMETER">name</replaceable> [ [ WITH ] <replac
<term><literal>NOBYPASSRLS</literal></term>
<listitem>
<para>
- These clauses determine whether a role is allowed to bypass row-level security (RLS)
- policies. A role having the <literal>BYPASSRLS</literal> attribute will
- be allowed to bypass row-security policies by setting
- <literal>row_security</literal> to
- <literal>OFF</literal>. <literal>NOBYPASSRLS</literal> is the default.
+ These clauses determine whether a role bypasses every row-level
+ security (RLS) policy. <literal>NOBYPASSRLS</literal> is the default.
Note that pg_dump will set <literal>row_security</literal> to
<literal>OFF</literal> by default, to ensure all contents of a table are
dumped out. If the user running pg_dump does not have appropriate
permissions, an error will be returned. The superuser and owner of the
- table being dumped are considered to always have the right to bypass RLS.
+ table being dumped always bypass RLS.
</para>
</listitem>
</varlistentry>
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-03 18:47:42 +0000