Jim, * Jim Nasby (jim.na...@bluetreble.com) wrote: > When it comes to changing auditing settings, I think that needs to be very > restrictive. Really, it should be more (or differently) restrictive than SU, > so that you can effectively audit your superusers with minimal worries about > superusers tampering with auditing.
I continue to be of the opinion that you're not going to be able to effectively audit your superusers with any mechanism that resides inside of the process space which superusers control. If you want to audit superusers, you need something that operates outside of the postgres process space. I'm certainly interested in that, but it's an orthogonal discussion to anything we're talking about here. Thanks, Stephen
signature.asc
Description: Digital signature