| From: | Jasen Betts <jasen(at)xnet(dot)co(dot)nz> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: authentication/privileges |
| Date: | 2013-05-11 05:58:02 |
| Message-ID: | kmkmla$en3$3@gonzo.reversiblemaps.ath.cx |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 2013-05-10, Alvaro Herrera <alvherre(at)2ndquadrant(dot)com> wrote:
> Tom Lane escribió:
>
>> It's fairly common for distro-supplied packages to create a postgres
>> OS user but not assign it any password. In that state, the only way to
>> become postgres is to "su" to it from root, or perhaps from a sudoer
>> account with root-equivalent privileges. While that might be okay
>> for machines with just one person administering everything, I can't
>> say that I think it's recommendable practice in general: you don't
>> want to have to give somebody root to let them admin the database.
>> Better to give the postgres user a password.
>
> Of course, it's also possible to give multiple people sudo-to-postgres
> capability without giving them sudo-to-root.
Or to grant "superuser" to other database user accounts, and leave
the postgres user for internal use.
--
⚂⚃ 100% natural
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Matt Brock | 2013-05-11 09:10:41 | Re: Deploying PostgreSQL on CentOS with SSD and Hardware RAID |
| Previous Message | Bruce Momjian | 2013-05-11 00:03:38 | Re: Re: [GENERAL] pg_upgrade fails, "mismatch of relation OID" - 9.1.9 to 9.2.4 |