> hjp-pgsql@hjp.at wrote:
>
>> bryn@yugabyte.com:
>>
>> For the purpose of the tests that follow, I set up the O/S users "bob" and "mary" so that "id bob mary postgres"
showsthis:
>>
>> id=1002(bob) gid=1001(postgres) groups=1001(postgres)
>> uid=1003(mary) gid=1001(postgres) groups=1001(postgres)
>
> This has nothing to do with your problem, but don't do this. Normal users should not be in group "postgres". That
givesthem access to some files which are not readable by the public. It might be useful for administrators, but AFAICS
yourtest users aren't supposed to be that.
>
>> uid=1001(postgres) gid=1001(postgres) groups=1001(postgres),27(sudo),114 (ssl-cert)
>
> And is there a reason for postgres to be in group sudo?
Thanks for pointing this out, Peter.
I was careless. I'm testing ideas using my laptop. And apart from the fragments of SQL, O/S scripts, and what these
report,that I've shown on this list, everything is private. (Nobody else can access my laptop without stealing it and
breakingin.)
That's no excuse for showing sloppy practices. I'll aim to do better.
