Skip site navigation (1)
Skip section navigation (2)
Peripheral Links
Re: system administration functions with hardcoded superuser checks
On 12/18/12 12:09 PM, Peter Eisentraut wrote: > There are some system administration functions that have hardcoded > superuser checks, specifically: > > pg_reload_conf > pg_rotate_logfile > pg_read_file > pg_read_file_all > pg_read_binary_file > pg_read_binary_file_all > pg_stat_file > pg_ls_dir > > Some of these are useful in monitoring or maintenance tools, and the > hardcoded superuser checks require that these tools run with maximum > privileges. Couldn't we just install these functions without default > privileges and allow users to grant privileges as necessary? This is still being debated, but just for the heck of it, here is a patch for how this implementation would look like.
Attachment: pg-func-superuser-checks.patch
Description: text/plain (3.0 KB)
Description: text/plain (3.0 KB)
In response to
- system administration functions with hardcoded superuser checks at 2012-12-18 17:09:10 from Peter Eisentraut
Responses
- Re: system administration functions with hardcoded superuser checks at 2013-01-16 09:43:23 from Kohei KaiGai
pgsql-hackers by date
Next: From: Jan Wieck Date: 2013-01-15 14:43:04 Subject: Re: strange OOM errors with EXECUTE in PL/pgSQL Previous: From: Alvaro Herrera Date: 2013-01-15 14:21:05 Subject: Re: recent ALTER whatever .. SET SCHEMA refactoring