On Thu, Dec 23, 2010 at 10:54 AM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> Robert Haas <robertmhaas@gmail.com> writes:
>> I haven't looked at the patch yet, but I think we should continue to
>> allow superuser-ness to be *sufficient* for replication - i.e.
>> superusers will automatically have the replication privilege just as
>> they do any other - and merely allow this as an option for when you
>> want to avoid doing it that way.
>
> I don't particularly mind breaking that. If we leave it as-is, we'll
> be encouraging people to use superuser accounts for things that don't
> need that, which can't be good from a security standpoint.
And if we break it, we'll be adding an additional, mandatory step to
make replication work that isn't required today. You might think
that's OK, but I think the majority opinion is that it's already
excessively complex.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company