Goulet, Dick wrote:
> Peter,
>
> You may well be on the development team, but you are wrong for
> one very important reason. If the Postgresql executables are owned by
> root they execute with the priviledges of root. Thereby any local
What? They are not setuid?
---------------------------------------------------------------------------
> created extensions like database_size also execute with the priviledges
> of root. Wouldn't it be wonderful if some disgruntled person or a
> hacker wrote & installed a package that did an rm -fr /?? Install
> Postgres in it's own account where it's priviledges to destroy the
> server are restricted. Anything else is begging for trouble.
>
>
> Dick Goulet
> Senior Oracle DBA
> Oracle Certified 8i DBA
> -----Original Message-----
> From: Peter Eisentraut [mailto:peter_e@gmx.net]
> Sent: Wednesday, January 12, 2005 7:01 PM
> To: Tomeh, Husam
> Cc: PgSQL ADMIN
> Subject: Re: [ADMIN] Installing PostgreSQL as "postgress" versus "root"
> Debate!
>
> Tomeh, Husam wrote:
> > I've seen book that prefer installing PostgreSQL as root and another
> > one recommends otherwise by first creating a postgres account and
> > then installing it as postgres. In the Oracle world, you don't use
> > root to install the software. What is the best practice as far as
> > PostgreSQL goes?
>
> The current recommendation, which is reflected in the installation
> instructions, is to install the software as root and to use the
> postgres user for the database files. The advice seen elsewhere in
> this thread to use the postgres user also for the software files is
> wrong.
>
> --
> Peter Eisentraut
> http://developer.postgresql.org/~petere/
>
> ---------------------------(end of broadcast)---------------------------
> TIP 2: you can get off all lists at once with the unregister command
> (send "unregister YourEmailAddressHere" to majordomo@postgresql.org)
>
> ---------------------------(end of broadcast)---------------------------
> TIP 6: Have you searched our list archives?
>
> http://archives.postgresql.org
>
--
Bruce Momjian | http://candle.pha.pa.us
pgman@candle.pha.pa.us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073