Re: Required permissions for data directory - Mailing list pgsql-hackers

From Tom Lane
Subject Re: Required permissions for data directory
Date
Msg-id 5858.1097609518@sss.pgh.pa.us
In response to Re: Required permissions for data directory  ("Joshua D. Drake" <jd@commandprompt.com>)
Responses Re: Required permissions for data directory
List pgsql-hackers
"Joshua D. Drake" <jd@commandprompt.com> writes:
> Tom Lane wrote:
>> Being able to edit postgresql.conf gives one the ability to become
>> postgres (hint: you can cause the backend to load a shlib of your
>> choosing, or even more trivially, adjust pg_hba.conf to let you in
>> as superuser), so the above distinction is unenforceable.

> Again, the responsibility of the administrator for the system.

How so?  The point is that there is *no such thing* as giving someone
config edit permissions without thereby implicitly trusting them with
the keys to the city.  If you trust them that much, you may as well let
them su to postgres.  There is no point in using group membership as a
substitute.
        regards, tom lane
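
An added example, not part of the original message or of PostgreSQL: since the argument above is that write access to the configuration files is equivalent to being postgres, this audit reports every way an account other than the server owner can modify `postgresql.conf` or `pg_hba.conf`. The function names, the account name `postgres`, and the extra check on the containing directory are assumptions of this example.

```python
import os
import pwd
import stat
import sys

# File names come from the message. Also checking the containing directory is
# this example's assumption: write access there allows replacing either file.
CONFIG_FILES = ("postgresql.conf", "pg_hba.conf")


def write_exposure(path, owner_uid):
    """List the ways an account other than owner_uid can modify path.

    Only classic mode bits are inspected; POSIX ACLs are not.
    """
    st = os.stat(path)
    reasons = []
    if st.st_uid != owner_uid:
        reasons.append(f"owned by uid {st.st_uid}, not {owner_uid}")
    if st.st_mode & stat.S_IWGRP:
        reasons.append(f"group-writable (gid {st.st_gid})")
    if st.st_mode & stat.S_IWOTH:
        reasons.append("world-writable")
    return reasons


def audit_config_dir(config_dir, owner_uid):
    """Return {path: reasons} for the directory and each config file in it."""
    targets = [config_dir] + [os.path.join(config_dir, n) for n in CONFIG_FILES]
    findings = {}
    for path in targets:
        if os.path.exists(path):
            reasons = write_exposure(path, owner_uid)
            if reasons:
                findings[path] = reasons
    return findings


if __name__ == "__main__":
    # Assumed: the server account is named "postgres"; pass the directory
    # holding the config files as the only argument.
    uid = pwd.getpwnam("postgres").pw_uid
    results = audit_config_dir(sys.argv[1], uid)
    for path, reasons in results.items():
        print(f"{path}: {'; '.join(reasons)}")
    sys.exit(1 if results else 0)
```

Any finding should be read as "these accounts are effectively postgres", not as a lesser privilege level.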

