| From: | Josh Berkus <josh(at)agliodbs(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Robert Haas <robertmhaas(at)gmail(dot)com>, Magnus Hagander <magnus(at)hagander(dot)net>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Streaming replication as a separate permissions |
| Date: | 2010-12-23 22:24:33 |
| Message-ID: | 4D13CC21.5030206@agliodbs.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 12/23/10 2:21 PM, Tom Lane wrote:
> Josh Berkus <josh(at)agliodbs(dot)com> writes:
>> If we still make it possible for "postgres" to replicate, then we don't
>> add any complexity to the simplest setup.
>
> Well, that's one laudable goal here, but "secure by default" is another
> one that ought to be taken into consideration.
I don't see how *not* granting the superuser replication permissions
makes things more secure. The superuser can grant replication
permissions to itself, so why is suspending them by default beneficial?
I'm not following your logic here.
--
-- Josh Berkus
PostgreSQL Experts Inc.
http://www.pgexperts.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Dunstan | 2010-12-23 22:27:20 | Re: Cannot compile Pg 9.0.2 with MinGW under Windows |
| Previous Message | Tom Lane | 2010-12-23 22:21:53 | Re: Streaming replication as a separate permissions |