Re: Possibility to disable `ALTER SYSTEM`
| От | Gabriele Bartolini |
|---|---|
| Тема | Re: Possibility to disable `ALTER SYSTEM` |
| Дата | |
| Msg-id | CA+VUV5orbuGuu26XiCsiR8VV_bOg_8pOYaj6=+-=gHPjTgW8qA@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: Possibility to disable `ALTER SYSTEM` (Tom Lane <tgl@sss.pgh.pa.us>) |
| Ответы |
Re: Possibility to disable `ALTER SYSTEM`
|
| Список | pgsql-hackers |
Hi Tom,
On Thu, 7 Sept 2023 at 22:27, Tom Lane <tgl@sss.pgh.pa.us> wrote:
Gabriele Bartolini <gabriele.bartolini@enterprisedb.com> writes:
> I would like to propose a patch that allows administrators to disable
> `ALTER SYSTEM` via either a runt-time option to pass to the Postgres server
> process at startup (e.g. `--disable-alter-system=true`, false by default)
> or a new GUC (or even both), without changing the current default method of
> the server.
ALTER SYSTEM is already heavily restricted.
Could you please help me better understand what you mean here?
I don't think we need random kluges added to the permissions system.
If you allow me, why do you think disabling ALTER SYSTEM altogether is a random kluge? Again, I'd like to better understand this position. I've personally been in many conversations on the security side of things for Postgres in Kubernetes environments, and this is a frequent concern by users who request that changes to the Postgres system (not a database) should only be done declaratively and prevented from within the system.
Thanks,
Gabriele
Thanks,
Gabriele
В списке pgsql-hackers по дате отправления: