Re: Streaming replication as a separate permissions
| От | Dave Page |
|---|---|
| Тема | Re: Streaming replication as a separate permissions |
| Дата | |
| Msg-id | AANLkTimUPXWfwgB0NZ_nmFmUSfSTrvWQVKXeK-kaZBVo@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: Streaming replication as a separate permissions (Magnus Hagander <magnus@hagander.net>) |
| Список | pgsql-hackers |
On Mon, Dec 27, 2010 at 9:36 AM, Magnus Hagander <magnus@hagander.net> wrote: > Seeing logged SQL isn't - but being able to filter the logfiles on > that requires a *lot* more than just defining a security privilege. If > we mean "arbitrary log file reading", the easiest way to fix that > would be to stop checking for superuser permissions in the > read-file-function, and instead use the permissions *on the function* > to control it. In fact, that is something that we could (should?) do > for a bunch of other functions as well, so that we can in that way > provide much more granular permissions level than just blanked > assigning of privileges. That would require having users change the permissions on system objects, which seems, icky (would they even be dumped?). Given that the superuser could already create a security definer wrapper function with the privileges required, I don't think this is needed. -- Dave Page Blog: http://pgsnake.blogspot.com Twitter: @pgsnake EnterpriseDB UK: http://www.enterprisedb.com The Enterprise PostgreSQL Company
В списке pgsql-hackers по дате отправления: