| From: | Geoffrey <esoteric(at)3times25(dot)net> |
|---|---|
| To: | pgsql general <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: How to have a blind-superuser |
| Date: | 2006-04-25 12:08:53 |
| Message-ID: | 444E1155.4000400@3times25.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Steve Atkins wrote:
> So... you're not going to be able to do this _at_all_ from within
> the database. You're going to need an external solution, probably
> a hideous seteuid thing, if you really want to do this. And it's
> a really bad idea, so you probably don't want to.
Thinking out loud on this one, so feel free to shoot it full of holes
folks. I'm also assuming a UNIX based system. I don't suggest this
solution, but it might be closer to what you're looking for.
Create a root permission id that has the permissions to backup the
database. Set the id's shell in /etc/passwd so that it executes a script
that performs the backup. Again, I don't recommend this, but it might
be a workable solution. Now, you login to the machine and the script is
executed.
Personally, I still maintain that if you can't trust the person that is
expected to backup your database, you should get rid of them.
--
Until later, Geoffrey
Any society that would give up a little liberty to gain a little
security will deserve neither and lose both. - Benjamin Franklin
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Geoffrey | 2006-04-25 12:14:15 | Re: pg_dumpall: does not exist database |
| Previous Message | Geoffrey | 2006-04-25 11:56:17 | Re: How to have a blind-superuser |