Tom Lane wrote:
> Christopher Kings-Lynne <chriskl@familyhealth.com.au> writes:
>
>>Hmmm - I agree it's difficult, but somehow I think it's something we
>>should do. Just imagine if some major user of postgres did it - they'd
>>be screaming blue murder...
>
>
> Shrug. Superusers can *always* shoot themselves in the foot in Postgres.
> Try "delete from pg_proc", for instance. This sounds right up there
> with the notion of preventing a Unix superuser from doing "rm -rf /".
Why not simply add a flag "undeleteable" applicable only to super user?
In this way is enough in the initdb fase create the postgres user as
undeleateable.
I think this is resonable.
Regards
Gaetano Mendola
