| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | John DeSoi <desoi(at)pgedit(dot)com> |
| Cc: | "Ali, Luqman" <luqman(dot)ali(at)sanmina-sci(dot)com>, pgsql-novice(at)postgresql(dot)org |
| Subject: | Re: Installation of postgresql database as root |
| Date: | 2007-06-06 14:45:25 |
| Message-ID: | 20836.1181141125@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-novice |
John DeSoi <desoi(at)pgedit(dot)com> writes:
> On Jun 6, 2007, at 12:20 AM, Ali, Luqman wrote:
>> I have no aversion to installing it as root but getting root access
>> from the sys admin would be a PITA. Company policy dictates that root
>> access is given to as few people as possible and only if it is necessary.
>> Hence, I needed to know if it is absolutely necessary to install as
>> root.
> No, it is not required to install as root. I believe the instructions
> indicate using root because root access is generally required to put
> binaries in the default install location.
One thing you might consider is to have the binaries owned by some
*other* unprivileged account, for instance install as user pgsql and run
the database as user postgres. This should provide an equivalent level
of protection against someone having cracked the database. The point is
just that if the binaries aren't writable by the database account,
that's one more obstacle in the way of parlaying the database crack into
any greater level of access.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Steve Lefevre | 2007-06-06 21:39:04 | subselect syntax |
| Previous Message | Loredana Curugiu | 2007-06-06 12:47:02 | Re: JOIN |