Skip site navigation (1) Skip section navigation (2)

Re: Streaming replication as a separate permissions

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Magnus Hagander <magnus(at)hagander(dot)net>
Cc: Stephen Frost <sfrost(at)snowman(dot)net>, Robert Haas <robertmhaas(at)gmail(dot)com>, Florian Pflug <fgp(at)phlo(dot)org>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Streaming replication as a separate permissions
Date: 2010-12-27 15:33:53
Message-ID: 14807.1293464033@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-hackers
Magnus Hagander <magnus(at)hagander(dot)net> writes:
> On Mon, Dec 27, 2010 at 10:53, Magnus Hagander <magnus(at)hagander(dot)net> wrote:
>> We could quite easily make a replication role *never* be able to
>> connect to a non-walsender backend. That would mean that if you set
>> your role to WITH REPLICATION, it can *only* be used for replication
>> and nothing else (well, you could still SET ROLE to it, but given that
>> it's not a superuser (anymore), that doesn't have any security
>> implications.

> Actually, having implemented that and tested it, I realize that's a
> pretty bad idea.

OK, so if we're not going to recommend that REPLICATION roles be
NOLOGIN, we're back to the original question: should the REPLICATION
bit give any other special privileges?  I can see the point of allowing
such a user to issue pg_start_backup and pg_stop_backup.

			regards, tom lane

In response to

Responses

pgsql-hackers by date

Next:From: Magnus HaganderDate: 2010-12-27 15:40:10
Subject: Re: Streaming replication as a separate permissions
Previous:From: Robert HaasDate: 2010-12-27 15:24:20
Subject: Re: Reduce lock levels for ADD and DROP COLUMN

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group