Quick Links

Re: Streaming replication as a separate permissions

From:	Simon Riggs <simon(at)2ndQuadrant(dot)com>
To:	Magnus Hagander <magnus(at)hagander(dot)net>
Cc:	PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject:	Re: Streaming replication as a separate permissions
Date:	2010-12-27 15:45:39
Message-ID:	1293464739.1193.64083.camel@ebony
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

On Mon, 2010-12-27 at 14:54 +0100, Magnus Hagander wrote:

> You will certainly be able to log into the standby with a superuser
> account, nobody is preventing that. This is about protecting the
> *master*. For example, from modifications made by a user who hacked
> the standby.

The users for master and standby are identical, so if they have access
to the standby, they have access to the master. That's why we allow
replication to be specifically excluded by the pg_hba.conf.

So I don't see how this helps.

--
Simon Riggs http://www.2ndQuadrant.com/books/
PostgreSQL Development, 24x7 Support, Training and Services

In response to

Re: Streaming replication as a separate permissions at 2010-12-27 13:54:07 from Magnus Hagander

Responses

Re: Streaming replication as a separate permissions at 2010-12-27 15:55:11 from Magnus Hagander

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Simon Riggs	2010-12-27 15:52:47	Re: Reduce lock levels for ADD and DROP COLUMN
Previous Message	Tom Lane	2010-12-27 15:41:55	Re: Reduce lock levels for ADD and DROP COLUMN