| From: | Dimitri Fontaine <dimitri(at)2ndQuadrant(dot)fr> |
|---|---|
| To: | Dave Page <dpage(at)pgadmin(dot)org> |
| Cc: | Hannu Krosing <hannu(at)2ndquadrant(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Steven Citron-Pousty <spousty(at)redhat(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>, "shifters\(at)redhat(dot)com shifters" <shifters(at)redhat(dot)com>, Matthew Hicks <mhicks(at)redhat(dot)com>, Hirotsugu Asari <hasari(at)redhat(dot)com>, Adam Miller <admiller(at)redhat(dot)com> |
| Subject: | Re: Feature Request on Extensions |
| Date: | 2013-08-19 09:34:47 |
| Message-ID: | m2y57yyqfc.fsf@new-host-4.home |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Dave Page <dpage(at)pgadmin(dot)org> writes:
> If you find a hole in the boat, the preferred option is to fix it, not
> to say "meh, well another won't hurt".
My understanding is that there's no way to fix it. If you're superuser
you have the keys to the kingdom. That's it.
And that's why it's very important that as many as possible of our
feature set works without requiring superuser.
> That wouldn't address my concern, which is preventing someone with
> only DB server superuser access from enabling the feature.
There's nothing I've heard of allowing you to think implementing a
restricted security access for superusers is ever going to fly.
Regards,
--
Dimitri Fontaine
http://2ndQuadrant.fr PostgreSQL : Expertise, Formation et Support
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Albe Laurenz | 2013-08-19 11:47:36 | Re: LDAP: bugfix and deprecated OpenLDAP API |
| Previous Message | Dave Page | 2013-08-19 09:28:22 | Re: Feature Request on Extensions |