On Mon, 2003-10-13 at 21:26, Jan Wieck wrote:
> Rod Taylor wrote:
> >> >> > Allow superuser (dba?) the ability to turn off foreign key checks/all
> >> >> > constraints/triggers, not settable from postgresql.conf?
> >> >>
> >> >> Is that one really necessary for 7.4 now that adding foreign keys is
> >> >> apparently much faster?
> >
> >> If you reconfigure your systems to force fsck on every boot, cleanly
> >> unmounted or not, you can vote against. Otherwise you are basically for
> >> this option.
> >
> > I vote to disable the checks for pg_restore if the dumpfile has a check
> > added to ensure it's the same file that was dumped (an MD5 in the
> > header) and it is a full database restore.
> >
> > Individual table restores should require the check.
>
> I don't like it.
>
> Rod, this is not meant personal, more some sort of general sigh:
>
> Why do people wait until the EMT cannot give the life-saving infusion
> any more before they realize that "invincible" isn't that great at all?
>
> Some dumb-user/fat-finger/ooops protection is surely welcome, but there
> is a limit. A system console has to be behind a locked door instead of
> the single-user boot being root-password protected. As soon as people
Unfortunately, as more and more companies start to outsource their
server administration these are the people who will be interacting with
the database more in this role -- in fact, for most it is the only time
they'll ever be on the database box.
What I would like to see is to make these items permission based. For
example, a permission that allows creation a new database and ownership
changes (away from self) but nothing else. This would be adequate for
'safe-only' restores.