Re: root/administartor user check option.

Gevik Babakhani wrote:
> > Removing or disabling the test without removing some of the dangerous 
> > capabilities would be a major security hole. For example: postgres can 
> > deliver to any authenticated user the contents of any text file on the 
> > system that the database user can read. Do you want the responsibility 
> > of allowing that for any file the administrator can read? No, I thought 
> > not. Neither do we.
> 
> True. This means that one just cannot "copy over" PG files and run the
> database without creating additional users and services. 
> 
> Just looking at how much windows standalone apps are being developed
> which potentially could use an "embedded" or "light" version of PG,  I
> still think the option should be considered. Perhaps in a more
> restricted or striped-down version of PG. (PG Light or something). 

Postgres is BSD, so feel free to create and "Insecure Postgres" and
distribute however you like.

Note that pg_ctl contains code to be started as admin and drop the
privileges early.  That may be able to satisfy your requirements without
being extremely insecure.

-- 
Alvaro Herrera                                http://www.CommandPrompt.com/
The PostgreSQL Company - Command Prompt, Inc.