diff --git a/src/backend/commands/variable.c b/src/backend/commands/variable.c
index 57da0149d9f..05e59a6e097 100644
--- a/src/backend/commands/variable.c
+++ b/src/backend/commands/variable.c
@@ -794,6 +794,10 @@ check_session_authorization(char **newval, void **extra, GucSource source)
 		return false;
 	}
 
+	/* Do not allow setting role to a reserved role. */
+	if (strncmp(*newval, "pg_", 3) == 0)
+		return false;
+
 	/* Look up the username */
 	roleTup = SearchSysCache1(AUTHNAME, PointerGetDatum(*newval));
 	if (!HeapTupleIsValid(roleTup))