On Thu, Mar 28, 2024 at 12:43:29AM +0100, Jelte Fennema-Nio wrote: > + <varlistentry id="guc-allow-alter-system" > xreflabel="allow_alter_system"> > + <term><varname>allow_alter_system</varname> (<type>boolean</type>) > + <indexterm> > + <primary><varname>allow_alter_system</varname> configuration > parameter</primary> > + </indexterm> > + </term> > + <listitem> > + <para> > + When <literal>allow_alter_system</literal> is set to > + <literal>off</literal>, an error is returned if the <command>ALTER > + SYSTEM</command> command is used. This parameter can only be set in
"command is used." -> "command is issued." ? > + the <filename>postgresql.conf</filename> file or on the server > command > + line. The default value is <literal>on</literal>. > + </para> > + > + <para> > + Note that this setting cannot be regarded as a security feature. It "setting cannot be regarded" -> "setting should not be regarded" > + only disables the <literal>ALTER SYSTEM</literal> command. It does > not > + prevent a superuser from changing the configuration using other SQL > + commands. A superuser has many ways of executing shell commands at > + the operating system level, and can therefore modify > + <literal>postgresql.auto.conf</literal> regardless of the value of > + this setting. I like that you explained how this can be bypassed. > + > + <para> > + Turning this setting off is intended for environments where the > + configuration of <productname>PostgreSQL</productname> is managed by > + some outside mechanism. > + In such environments, a well intenioned superuser user might > + <emphasis>mistakenly</emphasis> use <command>ALTER SYSTEM</command> > + to change the configuration instead of using the outside mechanism. > + This might even appear to update the configuration as intended, but "This might even appear to update" -> "This might temporarily update" > + then might be discarded at some point in the future when that outside "that outside" -> "the outside" > + mechanism updates the configuration. > + Setting this parameter to <literal>off</literal> can > + help to avoid such mistakes. "help to avoid" -> "help avoid" > + </para> > + > + <para> > + This parameter only controls the use of <command>ALTER > SYSTEM</command>. > + The settings stored in <filename>postgresql.auto.conf</filename> > always "always" -> "still" Should this paragraph be moved after or as part of the paragraph about modifying postgresql.auto.conf? -- Bruce Momjian <br...@momjian.us> https://momjian.us EDB https://enterprisedb.com Only you can decide what is important to you.
