Re: doing backups

Jeff MacDonald writes:

> i think the postgres user should have acess to all databases no matter
> what.

I disagree. Firstly, for the backend to actually know that you're the
postgres (Unix) user it would have to authenticate you, using ident or
kerberos perhaps. But in the case in question the password authentication
method was explicitly chosen over the other methods. Secondly, what about
postgres users on other systems, everyone can create one on theirs. Or
what about systems without users as such. Your request doesn't generalize
very well. What it comes down to is that if someone wants you to access
their databases (be it for making backups or whatever) they have to grant
you access. (There wouldn't be anything preventing them from giving you a
password as well, or letting you in via ident, etc., while keeping the
password mechanism for themselves.)

On a side note, the postgres Unix user and the postgres database user are
not really related other than by name. The names must currently be equal
for initdb purposes but in the long run this should be removed as well.


--
Peter Eisentraut                  Sernanders väg 10:115
peter_e@gmx.net                   75262 Uppsala
http://yi.org/peter-e/            Sweden