Magnus Hagander <> writes:
> On Wed, Mar 12, 2014 at 3:52 PM, Tom Lane <> wrote:
>> A local user with the superuser privilege would not be able to log into
>> another database, because superuser doesn't give you any extra privilege
>> until you've logged in.
>> Yeah, as superuser you could still break things as much as you pleased,
>> but not through SQL.

> You could COPY over the hba file or sometihng like that :)  Or just
> pg_read_binary_file() on the files in another database, which is accessible
> through SQL as well.

More directly, he could alter pg_authid to make himself a not-local user.
But I don't see that it's our responsibility to prevent that.  As long as
the combination of features works in a straightforward way, I'm happy
with it --- and it would, AFAICS.

                        regards, tom lane

Sent via pgsql-hackers mailing list (
To make changes to your subscription:

Reply via email to