On Saturday 02 August 2003 13:04, Chad N. Tindel wrote:
> I didn't say "require them to run as a non-root user". I said "Give them
> the choice to decide what is correct for their environment". In the case
> of apache, there are many internal webservers that are not exposed to the
> threat of the public internet; for such servers, it may be appropriate to
> run apache as root because it simplifies the administration and automation
> of tasks.
It also simplifies a bug in apache crashing your box and scribbling all over
your disk. Apache does have bugs, you know. (as do MySQL and PostgreSQL, but
that's another story).
The postmaster will not run as root. That is just the way it is, and has
been, for quite some time. It is foolish to run an RDBMS server (or any
other server that doesn't need root's permissions) as root when it is not
necessary. It is lazy to run things as root to 'simplify' administration;
properly administering a box isn't that hard, and user protections and
permissions should be used to their intended effect in the course of routine
administration. That's just basic Unix sysadmin practice that is well
accepted by the vast majority of sysadmins. We just encourage the best
practice in a more direct way than other servers, that's all.
As to the subject matter of this thread, there are a great number of
educational opportunities in such a migration/pitfalls document. The MySQL
'way' and the PostgreSQL 'way' are very different, and at points don't even
have a common frame of reference. This issue is one of them; a thorough
explanation, written in a direct non-condescending style, of why postmaster
won't run as root would be a nice addition.
--
Lamar Owen
Director of Information Technology
Pisgah Astronomical Research Institute
---------------------------(end of broadcast)---------------------------
TIP 5: Have you checked our extensive FAQ?
http://www.postgresql.org/docs/faqs/FAQ.html
