| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | "Joshua J(dot) Kugler" <joshua(at)eeinternet(dot)com> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: MySQL versus Postgres |
| Date: | 2010-08-09 18:33:27 |
| Message-ID: | 11292.1281378807@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
"Joshua J. Kugler" <joshua(at)eeinternet(dot)com> writes:
> On Monday 09 August 2010, Joshua D. Drake elucidated thus:
>> The actual requirement is:
>>
>> Thou shall not use a privelaged user, e.g; Administrator or UID = 0.
>>
>> Not only is that a reasonable default, MySQL is broken because of
>> theirs.
> Hmm...I've always seen MySQL run under the user mysql. Of course,
> mysqld_safe (the script that restarts mysql if it crashes) starts as
> root, but the actually binary runs as mysql.
That's how it's done if the user/packager knows what they're doing.
The problem is that not only doesn't mysql enforce that, it isn't
the default --- mysqld_safe is perfectly happy to launch the server
as root if you don't tell it not to. If you dig hard enough in their
manuals, you can find a recommendation to not run the server as root;
but they don't exactly push you to avoid that.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | samantha | 2010-08-09 18:39:48 | Is there a way to bypass sql? |
| Previous Message | Bill Christensen | 2010-08-09 18:04:10 | Problem with dumps |