Re: Streaming replication as a separate permissions

Поиск
Список
Период
Сортировка
От Tom Lane
Тема Re: Streaming replication as a separate permissions
Дата
Msg-id 23446.1293117321@sss.pgh.pa.us
обсуждение исходный текст
Ответ на Streaming replication as a separate permissions  (Magnus Hagander <magnus@hagander.net>)
Ответы Re: Streaming replication as a separate permissions  (Robert Haas <robertmhaas@gmail.com>)
Re: Streaming replication as a separate permissions  (Magnus Hagander <magnus@hagander.net>)
Список pgsql-hackers
Magnus Hagander <magnus@hagander.net> writes:
> Here's a patch that changes walsender to require a special privilege
> for replication instead of relying on superuser permissions. We
> discussed this back before 9.0 was finalized, but IIRC we ran out of
> time. The motivation being that you really want to use superuser as
> little as possible - and since being a replication slave is a read
> only role, it shouldn't require the maximum permission available in
> the system.

Maybe it needn't require "max" permissions, but one of the motivations
for requiring superusernesss was to prevent Joe User from sucking every
last byte of data out of your database (and into someplace he could
examine it at leisure).  This patch opens that barn door wide, because
so far as I can see, it allows anybody at all to grant the replication
privilege ... or revoke it, thereby breaking your replication setup.
I think only superusers should be allowed to change the flag.
        regards, tom lane


В списке pgsql-hackers по дате отправления:

Предыдущее
От: Kenneth Marshall
Дата:
Сообщение: Re: Why is sorting on two columns so slower thansortingon one column?
Следующее
От: Quan Zongliang
Дата:
Сообщение: Re: Patch BUG #5103: "pg_ctl -w (re)start" fails with custom unix_socket_directory