> 2. Are you sure "Powerusers" is such a good idea? It's the default for > all non-admin users. When Postgres becomes a service, it's going to be > relatively easy to configure it to run as a low-priv user. Until then, > however, isn't it too difficult for admins to set up the system for it > to run as a different user? > Found this document on the net. It gives you a good overview of what different levels of users can and cannot do. I think the heading "What can a power user do that a user can't" contains a couple of very good reasons to prevent that PostgreSQL runs with Powerusers rights.
http://download.microsoft.com/download/1/b/8/1b8fc001-6f67-4ea1-b0f2-8add1da8cbc0/_Toc42414596 Exerpt: Unfortunately, these permissions are also the same permissions that allow power users to: · Introduce Trojan horses that, if executed by administrators or other users, can compromise system and data security · Make system-wide operating system and application changes that affect other users of the system Kind regards, Thomas Hallgren ---------------------------(end of broadcast)--------------------------- TIP 5: Have you checked our extensive FAQ? http://www.postgresql.org/docs/faqs/FAQ.html
