| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | "Nauman Naeem" <nauman(dot)naeem(at)gmail(dot)com> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: User privileges-verification required |
| Date: | 2006-02-24 15:47:25 |
| Message-ID: | 3462.1140796045@sss.pgh.pa.us |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
"Nauman Naeem" <nauman(dot)naeem(at)gmail(dot)com> writes:
> I tried the single-user mode option and it worked, thanks! but, don't
> you people think that we should provide this privilege in multi-user
> mode as well.In accordence to my second point.
No. Restricting what a superuser can do is pointless --- he can always
manage to shoot himself in the foot if he tries hard enough. (Consider
eg "DELETE FROM pg_authid".) Trying to fix it in the reverse direction
(re-establishing superuser after the last one's been deleted) has
obvious security issues.
The problem comes up sufficiently seldom that the single-user-mode
backdoor seems sufficient.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Kevin Grittner | 2006-02-24 15:48:06 | Re: fsutil ideas |
| Previous Message | Tom Lane | 2006-02-24 15:38:33 | Re: textToQualifiedNameList second parameter |