Keith Parks <emkxp01@mtcc.demon.co.uk> writes:
> One thing we need to do is change the default, "if all else
> fails" id from 0 to something else, as 0 is specifically
> disallowed and causes an "Abort" in postgres when bootstrapping.
Actually, I see no reason why the superuser's Postgres ID number
shouldn't default to 0. If there's code in there to reject that,
isn't it doing the wrong thing?
The postmaster and backend can and should refuse to run with an
effective Unix userid of 0 (root), but that doesn't mean that
a Postgres ID of 0 is insecure, does it?
regards, tom lane