| From: | raghavendra t <raagavendra(dot)rao(at)gmail(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: How to give security to pg_catalogs |
| Date: | 2010-03-29 17:52:55 |
| Message-ID: | bc7de5a31003291052l4a3aa81ek3e0b90942f150b1@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Hi Tom,
Thank you for the update
> This is much like the fact that, say, root can trivially destroy any
> Unix filesystem. You could imagine trying to put enough training wheels
> on superuserdom to prevent such things, but it's not really practical
> and any attempt would get in the way of many legitimate uses.
Can we create any prompts on the pg_catalogs while doing any operation like
altering/deleting manually.
Regards
Raghavendra
On Mon, Mar 29, 2010 at 8:22 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> raghavendra t <raagavendra(dot)rao(at)gmail(dot)com> writes:
> > How to give security to the pg_catalogs, as these are freely alterable
> and
> > cause some security problem. Here i mean to say, as a superuser we can
> > delete the rows from a catalogs are alter the catalogs, is there anyway
> to
> > put restriction or any promting before doing anything to catalogs.
> > Any suggestions for this ?
>
> Don't give superuser privileges to anyone who's dumb enough to try such
> things on a production database.
>
> This is much like the fact that, say, root can trivially destroy any
> Unix filesystem. You could imagine trying to put enough training wheels
> on superuserdom to prevent such things, but it's not really practical
> and any attempt would get in the way of many legitimate uses.
>
> regards, tom lane
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Mark Vantzelfde | 2010-03-29 17:54:50 | Re: PostgreSQL on Windows |
| Previous Message | Raymond O'Donnell | 2010-03-29 17:51:25 | Re: PostgreSQL on Windows |