| From: | Gevik Babakhani <pgdev(at)xs4all(dot)nl> |
|---|---|
| To: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
| Cc: | Peter Eisentraut <peter_e(at)gmx(dot)net>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: root/administartor user check option. |
| Date: | 2006-07-25 12:11:38 |
| Message-ID: | 1153829498.1238.17.camel@voyager.truesoftware.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> Removing or disabling the test without removing some of the dangerous
> capabilities would be a major security hole. For example: postgres can
> deliver to any authenticated user the contents of any text file on the
> system that the database user can read. Do you want the responsibility
> of allowing that for any file the administrator can read? No, I thought
> not. Neither do we.
True. This means that one just cannot "copy over" PG files and run the
database without creating additional users and services.
Just looking at how much windows standalone apps are being developed
which potentially could use an "embedded" or "light" version of PG, I
still think the option should be considered. Perhaps in a more
restricted or striped-down version of PG. (PG Light or something).
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2006-07-25 12:15:55 | Re: 64-bit integers for GUC |
| Previous Message | Tom Lane | 2006-07-25 12:11:28 | Re: root/administartor user check option. |