On Thu, Dec 23, 2010 at 10:54 AM, Tom Lane <t...@sss.pgh.pa.us> wrote: > Robert Haas <robertmh...@gmail.com> writes: >> I haven't looked at the patch yet, but I think we should continue to >> allow superuser-ness to be *sufficient* for replication - i.e. >> superusers will automatically have the replication privilege just as >> they do any other - and merely allow this as an option for when you >> want to avoid doing it that way. > > I don't particularly mind breaking that. If we leave it as-is, we'll > be encouraging people to use superuser accounts for things that don't > need that, which can't be good from a security standpoint.
And if we break it, we'll be adding an additional, mandatory step to make replication work that isn't required today. You might think that's OK, but I think the majority opinion is that it's already excessively complex. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
