| From: | Pavel Stehule <pavel(dot)stehule(at)gmail(dot)com> |
|---|---|
| To: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
| Cc: | pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: system administration functions with hardcoded superuser checks |
| Date: | 2012-12-18 17:38:23 |
| Message-ID: | CAFj8pRCO7KhxwXbLRL_cGry-hbZKOfXqLELLupwybeAjT7ZoGw@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
2012/12/18 Peter Eisentraut <peter_e(at)gmx(dot)net>:
> There are some system administration functions that have hardcoded
> superuser checks, specifically:
>
> pg_reload_conf
> pg_rotate_logfile
>
> Some of these are useful in monitoring or maintenance tools, and the
> hardcoded superuser checks require that these tools run with maximum
> privileges. Couldn't we just install these functions without default
> privileges and allow users to grant privileges as necessary?
isn't it too strong gun for some people ???
I believe so some one can decrease necessary rights and it opens doors
to system.
> pg_read_file
> pg_read_file_all
> pg_read_binary_file
> pg_read_binary_file_all
> pg_stat_file
> pg_ls_dir
is relative dangerous and I am not for opening these functions.
power user can simply to write extension, but he knows what he does/
Regards
Pavel
>
>
> --
> Sent via pgsql-hackers mailing list (pgsql-hackers(at)postgresql(dot)org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgsql-hackers
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Fujii Masao | 2012-12-18 17:44:42 | Re: pg_basebackup from cascading standby after timeline switch |
| Previous Message | Groshev Andrey | 2012-12-18 17:34:53 | Re: [GENERAL] trouble with pg_upgrade 9.0 -> 9.1 |