| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
| Cc: | Magnus Hagander <magnus(at)hagander(dot)net>, Heikki Linnakangas <hlinnaka(at)iki(dot)fi>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>, Jelte Fennema-Nio <postgres(at)jeltef(dot)nl>, Daniel Gustafsson <daniel(at)yesql(dot)se>, Bruce Momjian <bruce(at)momjian(dot)us>, Joel Jacobson <joel(at)compiler(dot)org>, Gabriele Bartolini <gabriele(dot)bartolini(at)enterprisedb(dot)com>, Maciek Sakrejda <m(dot)sakrejda(at)gmail(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com> |
| Subject: | Re: Possibility to disable `ALTER SYSTEM` |
| Date: | 2024-03-19 22:35:27 |
| Message-ID: | 4072160.1710887727@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Andrew Dunstan <andrew(at)dunslane(dot)net> writes:
> On Tue, Mar 19, 2024 at 2:28 PM Magnus Hagander <magnus(at)hagander(dot)net> wrote:
>> Windows has had full ACL support since 1993. The easiest way to do
>> what you're doing here is to just set a DENY permission on the
>> postgres operating system user.
> Yeah. See <
> https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/icacls>
> for example.
Cool. Maybe somebody should take a fresh look at the places where
we're assuming Windows has nothing comparable to Unix permissions
(for example, checking for world readability of ssl_key_file).
It's off-topic for this thread though.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Amonson, Paul D | 2024-03-19 22:56:01 | RE: Popcount optimization using AVX512 |
| Previous Message | Kartyshov Ivan | 2024-03-19 22:34:51 | Re: [HACKERS] make async slave to wait for lsn to be replayed |