| From: | oleg yusim <olegyusim(at)gmail(dot)com> |
|---|---|
| To: | Kevin Grittner <kgrittn(at)gmail(dot)com> |
| Cc: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com>, PostgreSQL General <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Data Packaging/Data Unpacking |
| Date: | 2016-01-13 22:08:47 |
| Message-ID: | CAKd4e_EgT3ZN2CTxSch1g0LutfwKZ60Yo9A1EeGbr44A8yD1aQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Kevin,
It is understood. But doesn't change things from my perspective. It would
anyway be user, with sole access, nobody can elevate privileges to and only
root can su to. The name, in that case, is irrelevant, but answer postgres
gave me idea of the protection level here.
Thanks,
Oleg
On Wed, Jan 13, 2016 at 4:04 PM, Kevin Grittner <kgrittn(at)gmail(dot)com> wrote:
> On Wed, Jan 13, 2016 at 3:54 PM, oleg yusim <olegyusim(at)gmail(dot)com> wrote:
>
> > Answer "postgres" would suffice.
>
> But the user would not always be "postgres". To be accurate, it is
> the user which owns the files for the "cluster" (database instance)
> and which runs the database service. If a machine contains
> multiple clusters it is (IMO) best practice, for both security and
> operational reasons, to use a separate OS user for each cluster.
>
> --
> Kevin Grittner
> EDB: http://www.enterprisedb.com
> The Enterprise PostgreSQL Company
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Williamson, Michael | 2016-01-13 22:14:33 | v9.1, DROP TRIGGER IF EXISTS behaving oddly |
| Previous Message | Kevin Grittner | 2016-01-13 22:04:22 | Re: Data Packaging/Data Unpacking |