Re: Revoke "drop database" even for superusers?
| От | Edson Richter |
|---|---|
| Тема | Re: Revoke "drop database" even for superusers? |
| Дата | |
| Msg-id | BLU0-SMTP18850AA8B4213361E5B0EB2CF680@phx.gbl обсуждение исходный текст |
| Ответ на | Re: Revoke "drop database" even for superusers? (Tom Lane <tgl@sss.pgh.pa.us>) |
| Список | pgsql-general |
Em 09/11/2012 20:18, Tom Lane escreveu: > Andres Freund <andres@anarazel.de> writes: >> On 2012-11-09 12:42:37 +0100, Albe Laurenz wrote: >>> You cannot play it over permissions, but what about the following trick: >>> >>> postgres=# CREATE DATABASE persist; >>> CREATE DATABASE >>> postgres=# UPDATE pg_database SET datistemplate=TRUE WHERE >>> datname='persist'; >>> UPDATE 1 >>> postgres=# DROP DATABASE persist; >>> ERROR: cannot drop a template database >> Not a good idea, autovacuum will use a freeze_min_age of 0 in that >> case which will make it heaps more expensive. Also it allows everyone to >> copy that database not only its owner/superuser. >> I think there might be even more unexpected consequences of playing that >> trick. > It seems pretty pointless in any case, since a superuser could just undo > the UPDATE and then drop the database. > > If what you're trying to avoid is accidental, rather than malicious, > drops, here's something that would be a lot more useful: avoid using > superuser accounts as much as you possibly can. There are not that > many things that you really need to use superuser privileges for. > > regards, tom lane > > Thanks you. I'll look documentation to create a user that has enough permission to do everything needed, except dropping databases. Regards, Edson
В списке pgsql-general по дате отправления: