Re: Streaming replication as a separate permissions
| От | Tom Lane |
|---|---|
| Тема | Re: Streaming replication as a separate permissions |
| Дата | |
| Msg-id | 29021.1293143353@sss.pgh.pa.us обсуждение исходный текст |
| Ответ на | Re: Streaming replication as a separate permissions (Josh Berkus <josh@agliodbs.com>) |
| Ответы |
Re: Streaming replication as a separate permissions
|
| Список | pgsql-hackers |
Josh Berkus <josh@agliodbs.com> writes:
> On 12/23/10 2:21 PM, Tom Lane wrote:
>> Well, that's one laudable goal here, but "secure by default" is another
>> one that ought to be taken into consideration.
> I don't see how *not* granting the superuser replication permissions
> makes things more secure. The superuser can grant replication
> permissions to itself, so why is suspending them by default beneficial?
> I'm not following your logic here.
Well, the reverse of that is just as true: if we ship it without
replication permissions on the postgres user, people can change that if
they'd rather not create a separate role for replication. But I think
we should encourage people to NOT do it that way. Setting it up that
way by default hardly encourages use of a more secure arrangement.
regards, tom lane
В списке pgsql-hackers по дате отправления: