Magnus Hagander <[email protected]> writes:
> On Wed, Mar 12, 2014 at 3:52 PM, Tom Lane <[email protected]> wrote:
>> A local user with the superuser privilege would not be able to log into
>> another database, because superuser doesn't give you any extra privilege
>> until you've logged in.
>>
>> Yeah, as superuser you could still break things as much as you pleased,
>> but not through SQL.
> You could COPY over the hba file or something like that :) Or just
> pg_read_binary_file() on the files in another database, which is accessible
> through SQL as well.

More directly, he could alter pg_authid to make himself a not-local user.
But I don't see that it's our responsibility to prevent that. As long as
the combination of features works in a straightforward way, I'm happy
with it --- and it would, AFAICS.

regards, tom lane