Re: Connection limit and Superuser

From: Andrew Dunstan <andrew(at)dunslane(dot)net>
To: "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com>
Cc: PostgreSQL Development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Connection limit and Superuser
Date: 2006-07-31 15:58:30
Message-ID: 44CE28A6.6000000@dunslane.net
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Joshua D. Drake wrote:

>
>>
>> As a protection against malice, yes. I think Rod was more interested
>> in some protection against stupidity.
>>
>> Maybe the real answer is that Slony should connect as a non-superuser
>> and call security definer functions for the privileged things it
>> needs to do.
>
>
> Wouldn't that break Slony's ability to connect to older postgresql
> versions and replicate?
>

I don't know anything of Slony's internals, but I don't see why older
versions should matter - Postgres has had security definer functions for
every release that Slony supports. Maybe I'm missing something ...

cheers

andrew

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Rod Taylor 2006-07-31 16:08:22 Re: [PATCHES] extension for sql update
Previous Message Joshua D. Drake 2006-07-31 15:28:50 Re: Connection limit and Superuser