Re: postgres database user account

From: "Kevin Grittner" <Kevin(dot)Grittner(at)wicourts(dot)gov>
To: <Maria(dot)L(dot)Wilson-1(at)nasa(dot)gov>,"Joe R(dot) Plugge" <JRPlugge(at)west(dot)com>
Cc: "Maria Louise (LARC-E301)[SCIENCE SYSTEMS APPLICATIONS] Wilson" <m(dot)l(dot)wilson(at)nasa(dot)gov>, "pgsql-admin(at)postgresql(dot)org" <pgsql-admin(at)postgresql(dot)org>
Subject: Re: postgres database user account
Date: 2010-06-30 20:52:08
Message-ID: 4C2B68280200002500032E39@gw.wicourts.gov
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-admin

"Maria L. Wilson" <Maria(dot)L(dot)Wilson-1(at)nasa(dot)gov> wrote:

> What we are planning on doing with the OS acct (postgres) is only
> allowing users sudo ability to this account. Nobody should be
> able to directly log into it. Do you think that will cause
> problems?

It's what we do. We use ident logins from this account, and use it
for maintenance jobs scheduled through crontab, such as database
vacuum and some backup related processes. It works well for us, and
we figure that if someone can run as root, they can trash the
database anyway, so we don't think we're opening up any security
holes with it.

-Kevin

In response to

Browse pgsql-admin by date

  From Date Subject
Next Message Tom Lane 2010-06-30 20:59:24 Re: cache lookup failed for index
Previous Message Gilberto Castillo Martínez 2010-06-30 20:49:31 Re: postgres database user account