Mon Jan 23 04:03:12 PST 2006
- Previous message: [Slony1-general] Security with slony
- Next message: [Slony1-general] Security with slony
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Sat, Jan 21, 2006 at 05:27:40PM -0000, Roger Lucas wrote: > Ideally, I am looking for information on what privileges and commands Slony > needs for the configuration and replication operations for the master and > slave nodes in the system. I can go through the code, but that is going to > take some time, so I was hoping that someone might know the answers or point > me to some more detailed documentation. I've sometimes thought that it would be possible to split things up this way: 1. A super-user role for setup and configuration. 2. A regular user for normal operation. The problem would be that, as soon as any operation involving tables happened, you'd need some way of automatically promoting the "regular user" to superuser status. So this would turn out actually to be no security at all. It's like giving limited sudo access to some user, but one of the commands is "vi". Since the user can escape to the shell, you've effectively just given them the keys anyway, although at one level of indirection. Your better bet would be to use the log shipping mechanism available in 1.1. It solves this problem for you. A -- Andrew Sullivan | ajs at crankycanuck.ca This work was visionary and imaginative, and goes to show that visionary and imaginative work need not end up well. --Dennis Ritchie
- Previous message: [Slony1-general] Security with slony
- Next message: [Slony1-general] Security with slony
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Slony1-general mailing list