On 12/23/2010 08:59 PM, Magnus Hagander wrote:
> On Thu, Dec 23, 2010 at 16:57, Robert Haas<robertmhaas@gmail.com> wrote:
>> On Thu, Dec 23, 2010 at 10:54 AM, Tom Lane<tgl@sss.pgh.pa.us> wrote:
>>> Robert Haas<robertmhaas@gmail.com> writes:
>>>> I haven't looked at the patch yet, but I think we should continue to
>>>> allow superuser-ness to be *sufficient* for replication - i.e.
>>>> superusers will automatically have the replication privilege just as
>>>> they do any other - and merely allow this as an option for when you
>>>> want to avoid doing it that way.
>>>
>>> I don't particularly mind breaking that. If we leave it as-is, we'll
>>> be encouraging people to use superuser accounts for things that don't
>>> need that, which can't be good from a security standpoint.
>>
>> And if we break it, we'll be adding an additional, mandatory step to
>> make replication work that isn't required today. You might think
>> that's OK, but I think the majority opinion is that it's already
>> excessively complex.
>
> Most of the people I run across in the real world are rather surprised
> how *easy* it is to set up, and not how complex. And tbh, the only
> complexity complaints I've heard there are about the requirement to
> start/backup/stop to get it up and running. I've always told everybody
> to create a separate account to do it, and not heard a single comment
> about that.
I agree - people I talked to are fairly surprised on us not using a
dedicated replication role but are surprised at the complexity of
actually initializing the replication (mostly the "we cannot do a base
backup over the replication connection" missfeature)
Stefan