Thu Jul 22 14:39:14 PDT 2010
- Previous message: [Slony1-bugs] [Bug 141] altertablerestore() is obsolete in 2.0+
- Next message: [Slony1-bugs] [Bug 142] Minimize security profile
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
http://www.slony.info/bugzilla/show_bug.cgi?id=142 Summary: Minimize security profile Product: Slony-I Version: devel Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: low Component: slon AssignedTo: slony1-bugs at lists.slony.info ReportedBy: cbbrowne at ca.afilias.info CC: slony1-bugs at lists.slony.info Estimated Hours: 0.0 At present, there are somewhat indeterminate parts of Slony-I that require superuser database access, and it's pretty much simplest to "have slon be a superuser." It would be highly desirable to reduce the usage of the superuser to a minimum, and, in addition, to have that usage be done explicitly on request, so that it could normally be unavailable. There are a limited number of places where superuser access is actually required, so we should be able to use SET ROLE=superuser/RESET ROLE in order to apply it minimally. Requirements: - Need a configuration parameter to indicate the superuser role to be used superuser_role is a proposed name - Need a pair of functions to use/reset the role - Those functions need to get used in apropos places -- Configure bugmail: http://www.slony.info/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. You are the assignee for the bug.
- Previous message: [Slony1-bugs] [Bug 141] altertablerestore() is obsolete in 2.0+
- Next message: [Slony1-bugs] [Bug 142] Minimize security profile
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Slony1-bugs mailing list