Re: Connection limit and Superuser - Mailing list pgsql-hackers

From Rod Taylor
Subject Re: Connection limit and Superuser
Date
Msg-id 1154355313.24186.334.camel@home
Whole thread Raw
In response to Re: Connection limit and Superuser  (Tom Lane <tgl@sss.pgh.pa.us>)
List pgsql-hackers
On Mon, 2006-07-31 at 09:52 -0400, Tom Lane wrote:
> Andrew Dunstan <andrew@dunslane.net> writes:
> > Martijn van Oosterhout wrote:
> >> Maybe someone should look into enabling slony to not run as a
> >> superuser?
> 
> > That was my initial reaction to this suggestion. But then I realised 
> > that it might well make sense to have a separate connection-limited 
> > superuser for Slony purposes (or any other special purpose) alongside an 
> > unlimited superuser.
> 
> Actually, the real question in my mind is why Slony can't be trusted
> to use the right number of connections to start with.  If you don't
> trust it that far, what are you doing letting it into your database as
> superuser to start with?

I generally try to apply reasonable restrictions on all activities that
take place on my systems unless the machine was dedicated for that task
(in which case the limitations are those of the machine).

When things go wrong, and they almost always do eventually, these types
of restrictions ensure that only the one process grinds to a halt
instead of the entire environment.


Cron jobs are another area that are frequently implemented incorrectly.
Implementing checks to see if it is already running is overlooked enough
that I would like to restrict them as well.

This is less important since roles now allow multiple users to take
ownership of a relation; less jobs that need to run as a superuser.
-- 



pgsql-hackers by date:

Previous
From: Stephen Frost
Date:
Subject: Re: Relation locking and relcache load (was Re: Going for "all green" buildfarm results)
Next
From: Michael Fuhr
Date:
Subject: tg_trigtuple not NULL in AFTER STATEMENT triggers?