| From: | Dmitriy Igrishin <dmitigr(at)gmail(dot)com> |
|---|---|
| To: | Carlos Mennens <carlos(dot)mennens(at)gmail(dot)com> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Additional Grants To SuperUser? |
| Date: | 2011-02-08 12:09:29 |
| Message-ID: | AANLkTimRUYjnhknzuva_to3Dz8uCXuWRt9QBaSmJEqRD@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
2011/2/7 Carlos Mennens <carlos(dot)mennens(at)gmail(dot)com>
> On Fri, Feb 4, 2011 at 5:08 PM, Dmitriy Igrishin <dmitigr(at)gmail(dot)com>
> wrote:
> > These all (SUPERUSER, CREATEDB, SUPERUSER) are role attributes.
> > By performing ALTER ROLE postgres NOSUPERUSER it is possible to
> > turn role with a superuser status into a role that just can create
> databases
> > and manage roles (admin, but without superuser privileges).
>
> So is it very bad to alter ANY of the default role attributes granted
> to the 'postgres' user? I don't know if removing role attributes from
> him will have negative consequences to features / functional tasks of
> the PostgreSQL server / client application(s).
>
Nothing special in 'postgres' user from the POV of DBMS. It is just a user
with superuser attribute created when you perform initdb(1).
But please note, some OS distributives uses 'postgres' for non-interactive
access to all databases for automatic maintenance (custom daily cronjobs,
replication, and similar tasks) -- please see you pg_hba.conf file where
entry for 'postgres' user usually resides.
>
> --
> Sent via pgsql-general mailing list (pgsql-general(at)postgresql(dot)org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgsql-general
>
--
// Dmitriy.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Devrim GÜNDÜZ | 2011-02-08 12:23:54 | Re: about PostgreSQL 9.0.3 RPMs |
| Previous Message | Fujii Masao | 2011-02-08 12:05:55 | Re: Maintenance commands on standby servers |