| From: | Peter Eisentraut <e99re41(at)DoCS(dot)UU(dot)SE> |
|---|---|
| To: | Zeugswetter Andreas SB <ZeugswetterA(at)wien(dot)spardat(dot)at> |
| Cc: | "'Tom Lane'" <tgl(at)sss(dot)pgh(dot)pa(dot)us>, "'Keith Parks'" <emkxp01(at)mtcc(dot)demon(dot)co(dot)uk>, "'hackers(at)postgreSQL(dot)org'" <hackers(at)postgreSQL(dot)org> |
| Subject: | Re: AW: [HACKERS] initdb problems on Solaris |
| Date: | 2000-01-20 11:14:45 |
| Message-ID: | Pine.GSO.4.02A.10001201213580.15489-100000@Puma.DoCS.UU.SE |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Thu, 20 Jan 2000, Zeugswetter Andreas SB wrote:
>
> > The postmaster and backend can and should refuse to run with an
> > effective Unix userid of 0 (root), but that doesn't mean that
> > a Postgres ID of 0 is insecure, does it?
>
> The usual setup has the Postgres ID same as the unix id, thus
> 0 would be reserved for root.
>
> I think this setup has the advatage, that we could someday issue
> setuid() calls for "dba and untrusted stored procedures", which would
> imho be a very handy feature.
That would require you to set up a Unix user for every Postgres user,
which is certainly not necassary in the general case.
--
Peter Eisentraut Sernanders vaeg 10:115
peter_e(at)gmx(dot)net 75262 Uppsala
http://yi.org/peter-e/ Sweden
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2000-01-20 11:18:11 | Re: [HACKERS] initdb problems on Solaris |
| Previous Message | Zeugswetter Andreas SB | 2000-01-20 10:04:08 | AW: [HACKERS] initdb problems on Solaris |