Simon Riggs wrote: > > * I don't think we should require superuser rights for replication. > > Although you see all WAL and potentially all data in the system through > > that, a standby doesn't need any write access to the master, so it would > > be good practice to create a dedicated account with limited privileges > > for replication. > > Agreed. I think we should have a predefined user, called "replication" > that has only the correct rights.
I am concerned that knowledge of this new read-only replication user would have to be spread all over the backend code, which is really not something we should be doing at this stage in 8.5 development. I am also thinking such a special user might fall out of work on mandatory access control, so maybe we should just require super-user for 8.5 and revisit this for 8.6. -- Bruce Momjian <br...@momjian.us> http://momjian.us EnterpriseDB http://enterprisedb.com + If your life is a hard drive, Christ can be your backup. + -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
