Re: inconsistent owners in newly created databases?
| От | Fabien COELHO |
|---|---|
| Тема | Re: inconsistent owners in newly created databases? |
| Дата | |
| Msg-id | Pine.LNX.4.58.0405031834560.9381@sablons.cri.ensmp.fr обсуждение исходный текст |
| Ответ на | Re: inconsistent owners in newly created databases? (Thomas Swan <tswan@idigx.com>) |
| Список | pgsql-hackers |
> ... > Without this the db owner cannot drop types that may have been copied > from the template. Hmmm. I'm concerned about security, such as enabling the owner to load new trusted code. You may be right, but I'm afraid it is delicate to decide what owner fields should be changed. Owning a database does not mean being a super user in that database. But I may be just pessimistic about this issue. > >It is unclear to me at the time when these updates should be performed. > >After the createdb? Deferred to the first connection to the database? > > It seems the logical place is for the createdb routine to connect to the > new database and make the ownership changes. Yes, I agree. However I have not seen a simple api to create a new backend connected to another database and make it execute some sql commands. The fork/exec stuff is managed by postmaster (the server frontend) directly. But I've just given a quick look. Also, how should it deal with max allowed connections and so on... Hence deferring the stuff to the first connection may not be that bad, because it would avoid a lot of system stuff. Well, anyway someone agree with me that the situation is not appropriate. Thanks for your comments, -- Fabien COELHO _ http://www.cri.ensmp.fr/~coelho _ Fabien.Coelho@ensmp.fr CRI-ENSMP, 35, rue Saint-Honoré, 77305 Fontainebleaucedex, France phone: (+33|0) 1 64 69 {voice: 48 52, fax: 47 09, standard: 47 08} ________ All opinionsexpressed here are mine _________
В списке pgsql-hackers по дате отправления: