| From: | "Kevin Grittner" <Kevin(dot)Grittner(at)wicourts(dot)gov> |
|---|---|
| To: | <Maria(dot)L(dot)Wilson-1(at)nasa(dot)gov>,"Joe R(dot) Plugge" <JRPlugge(at)west(dot)com> |
| Cc: | "Maria Louise (LARC-E301)[SCIENCE SYSTEMS APPLICATIONS] Wilson" <m(dot)l(dot)wilson(at)nasa(dot)gov>, "pgsql-admin(at)postgresql(dot)org" <pgsql-admin(at)postgresql(dot)org> |
| Subject: | Re: postgres database user account |
| Date: | 2010-06-30 20:52:08 |
| Message-ID: | 4C2B68280200002500032E39@gw.wicourts.gov |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
"Maria L. Wilson" <Maria(dot)L(dot)Wilson-1(at)nasa(dot)gov> wrote:
> What we are planning on doing with the OS acct (postgres) is only
> allowing users sudo ability to this account. Nobody should be
> able to directly log into it. Do you think that will cause
> problems?
It's what we do. We use ident logins from this account, and use it
for maintenance jobs scheduled through crontab, such as database
vacuum and some backup related processes. It works well for us, and
we figure that if someone can run as root, they can trash the
database anyway, so we don't think we're opening up any security
holes with it.
-Kevin
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2010-06-30 20:59:24 | Re: cache lookup failed for index |
| Previous Message | Gilberto Castillo Martínez | 2010-06-30 20:49:31 | Re: postgres database user account |