Re: Hardening PostgreSQL via (optional) ban on local file system access

From Andres Freund
Subject Re: Hardening PostgreSQL via (optional) ban on local file system access
Date
Msg-id 20220629070534.pszwogdz2ooczwvu@alap3.anarazel.de
In response to Re: Hardening PostgreSQL via (optional) ban on local file system access  (Laurenz Albe <laurenz.albe@cybertec.at>)
Responses Re: Hardening PostgreSQL via (optional) ban on local file system access  (Laurenz Albe <laurenz.albe@cybertec.at>)
List pgsql-hackers
Hi,

On 2022-06-29 08:51:10 +0200, Laurenz Albe wrote:
> On Tue, 2022-06-28 at 16:27 -0700, Andres Freund wrote:
> > > Experience shows that 99% of the time one can run PostgreSQL just fine
> > > without a superuser
> > 
> > IME that's not at all true. It might not be needed interactively, but that's
> > not all the same as not being needed at all.
> 
> I also disagree with that.  Not having a superuser is one of the pain
> points with using a hosted database: no untrusted procedural languages,
> no untrusted extensions (unless someone hacked up PostgreSQL or provided
> a workaround akin to a SECURITY DEFINER function), etc.

I'm not sure what exactly you're disagreeing with? I'm not saying that
superuser isn't needed interactively in general, just that there are
reasonably common scenarios in which that's the case.

Greetings,

Andres Freund


