"Joshua D. Drake" <[EMAIL PROTECTED]> writes:
For 8.0 are we going to allow group modifications to the data directories for PostgreSQL? It is kind of silly that it must be 700.
Not in the least. There are many systems where users by default are all in a "users" group, and so 770 isn't much safer than 777.
Which is not the responsibility of us. It is the responsibility of the administrator of that system.
Being able to edit postgresql.conf gives one the ability to become postgres (hint: you can cause the backend to load a shlib of your choosing, or even more trivially, adjust pg_hba.conf to let you in as superuser), so the above distinction is unenforceable.
Again, the responsibility of the administrator for the system.
It seems really odd that we build this dynamic, extensible database system -- yet cripple (at least in this way) the ability for the administrators of that system to have a dynamic, and extensible administration policy.
If we are going to take the route of... "Oh gosh, the user is probably and idiot.", then we should also get rid of the ability to delete from ;)
Sincerely,
Joshua D. Drake
In short: no way.
regards, tom lane
-- Command Prompt, Inc., home of Mammoth PostgreSQL - S/ODBC and S/JDBC Postgresql support, programming shared hosting and dedicated hosting. +1-503-667-4564 - [EMAIL PROTECTED] - http://www.commandprompt.com Mammoth PostgreSQL Replicator. Integrated Replication for PostgreSQL
begin:vcard fn:Joshua D. Drake n:Drake;Joshua D. org:Command Prompt, Inc. adr:;;PO Box 215;Cascade Locks;Oregon;97014;USA email;internet:[EMAIL PROTECTED] title:Consultant tel;work:503-667-4564 tel;fax:503-210-0334 note:Command Prompt, Inc. is the largest and oldest US based commercial PostgreSQL support provider. We provide the only commercially viable integrated PostgreSQL replication solution, but also custom programming, and support. We authored the book Practical PostgreSQL, the procedural language plPHP, and adding trigger capability to plPerl. x-mozilla-html:FALSE url:http://www.commandprompt.com/ version:2.1 end:vcard
---------------------------(end of broadcast)---------------------------
TIP 2: you can get off all lists at once with the unregister command
(send "unregister YourEmailAddressHere" to [EMAIL PROTECTED])
