Re: User privileges-verification required

Tom Lane <tgl@sss.pgh.pa.us>

From: Tom Lane <tgl@sss.pgh.pa.us>
To: "Nauman Naeem" <nauman.naeem@gmail.com>
Cc: pgsql-hackers@postgresql.org
Date: 2006-02-24T15:47:25Z
Lists: pgsql-hackers
"Nauman Naeem" <nauman.naeem@gmail.com> writes:
> I tried the single-user mode option and it worked, thanks! but, don't
> you people think that we should provide this privilege in multi-user
> mode as well.In accordence to my second point.

No.  Restricting what a superuser can do is pointless --- he can always
manage to shoot himself in the foot if he tries hard enough.  (Consider
eg "DELETE FROM pg_authid".)  Trying to fix it in the reverse direction
(re-establishing superuser after the last one's been deleted) has
obvious security issues.

The problem comes up sufficiently seldom that the single-user-mode
backdoor seems sufficient.

			regards, tom lane