Goulet, Dick wrote: > Peter, > > You may well be on the development team, but you are wrong for > one very important reason. If the Postgresql executables are owned by > root they execute with the priviledges of root. Thereby any local
What? They are not setuid? --------------------------------------------------------------------------- > created extensions like database_size also execute with the priviledges > of root. Wouldn't it be wonderful if some disgruntled person or a > hacker wrote & installed a package that did an rm -fr /?? Install > Postgres in it's own account where it's priviledges to destroy the > server are restricted. Anything else is begging for trouble. > > > Dick Goulet > Senior Oracle DBA > Oracle Certified 8i DBA > -----Original Message----- > From: Peter Eisentraut [mailto:[EMAIL PROTECTED] > Sent: Wednesday, January 12, 2005 7:01 PM > To: Tomeh, Husam > Cc: PgSQL ADMIN > Subject: Re: [ADMIN] Installing PostgreSQL as "postgress" versus "root" > Debate! > > Tomeh, Husam wrote: > > I've seen book that prefer installing PostgreSQL as root and another > > one recommends otherwise by first creating a postgres account and > > then installing it as postgres. In the Oracle world, you don't use > > root to install the software. What is the best practice as far as > > PostgreSQL goes? > > The current recommendation, which is reflected in the installation > instructions, is to install the software as root and to use the > postgres user for the database files. The advice seen elsewhere in > this thread to use the postgres user also for the software files is > wrong. > > -- > Peter Eisentraut > http://developer.postgresql.org/~petere/ > > ---------------------------(end of broadcast)--------------------------- > TIP 2: you can get off all lists at once with the unregister command > (send "unregister YourEmailAddressHere" to [EMAIL PROTECTED]) > > ---------------------------(end of broadcast)--------------------------- > TIP 6: Have you searched our list archives? > > http://archives.postgresql.org > -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073 ---------------------------(end of broadcast)--------------------------- TIP 5: Have you checked our extensive FAQ? http://www.postgresql.org/docs/faqs/FAQ.html
