Re: Big problem
| От | Christopher Kings-Lynne |
|---|---|
| Тема | Re: Big problem |
| Дата | |
| Msg-id | 40B20EA6.8090207@familyhealth.com.au обсуждение исходный текст |
| Ответ на | Re: Big problem (Dennis Bjorklund <db@zigo.dhs.org>) |
| Ответы |
Re: Big problem
|
| Список | pgsql-hackers |
> Isn't it just enough to prevent the user with userid 1 from losing the > superuser status. If one want to allow it one could prevent it just when > doing the ALTER USER stuff and allow it when editing pg_shadow directly. > Or maybe have some guc variable that write locks the user with id 1. That gets my vote - can't take superuser off id 1... > Given that it was so "simple" to restore I'm not sure if it's worth it or > not, but restricting just user 1 does not give any of the problems you > wrote about. Well, sergio sure wasn't very happy... And if I ever get around to my patch that separates out superuser and catalog modification privileges, superusers will no longer necessarily be able to 'delete from pg_proc'; Chris
В списке pgsql-hackers по дате отправления: