Functions and triggers allow users to insert code into the backend server that other users might execute unintentionally. Hence, both mechanisms permit users to "Trojan

Database roles are conceptually completely separate from operating system users. In practice it might be convenient to maintain a correspondence, but this is not required.

Because roles can own database objects and can hold privileges to access other objects, dropping a role is often not just a matter of a quick

A database role can have a number of attributes that define its privileges and interact with the client authentication system.

It is frequently convenient to group users together to ease management of privileges: that way, privileges can be granted to, or revoked from, a group as a whole. In

PostgreSQL provides a set of default roles which provide access to certain, commonly needed, privileged capabilities and information. Administrators