Thu Aug 5 09:08:27 PDT 2010
- Previous message: [Slony1-bugs] [Bug 142] Minimize security profile
- Next message: [Slony1-bugs] [Bug 142] Minimize security profile
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
http://www.slony.info/bugzilla/show_bug.cgi?id=142 --- Comment #6 from Christopher Browne <cbbrowne at ca.afilias.info> 2010-08-05 09:08:27 PDT --- (In reply to comment #5) > The problem is that we are not restricting who can call these functions. This > means that ANY user can enable the indexes on ANY table at will. This can't be > a good idea. > > If we are going to do this I think we need to introduce the concept of a slony > replication role/user, And that seems like rather a lot of "apparatus" to add in, when *most* people have been content enough to run slon as superuser. I'll take out the SECURITY DEFINER definition from the functions, and add, to the documentation, that this is something that one who wishes to lower the security profile would need to apply, along with restrictions on who can run the two functions. -- Configure bugmail: http://www.slony.info/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
- Previous message: [Slony1-bugs] [Bug 142] Minimize security profile
- Next message: [Slony1-bugs] [Bug 142] Minimize security profile
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Slony1-bugs mailing list