Peter,
You may well be on the development team, but you are wrong for
one very important reason. If the Postgresql executables are owned by
root they execute with the priviledges of root. Thereby any local
created extensions like database_size also execute with the priviledges
of root. Wouldn't it be wonderful if some disgruntled person or a
hacker wrote & installed a package that did an rm -fr /?? Install
Postgres in it's own account where it's priviledges to destroy the
server are restricted. Anything else is begging for trouble.
Actually this is not true at any level. In order for the file
to execute as root it must be setuid root, the ownership is irrelevant
at that point.
If what you said were true, then almost every binary on a Linux system
would execute as root.
Sincerely,
Joshua D. Drake
Dick Goulet
Senior Oracle DBA
Oracle Certified 8i DBA
-----Original Message-----
From: Peter Eisentraut [mailto:[EMAIL PROTECTED]
Sent: Wednesday, January 12, 2005 7:01 PM
To: Tomeh, Husam
Cc: PgSQL ADMIN
Subject: Re: [ADMIN] Installing PostgreSQL as "postgress" versus "root"
Debate!
Tomeh, Husam wrote:
I've seen book that prefer installing PostgreSQL as root and another
one recommends otherwise by first creating a postgres account and
then installing it as postgres. In the Oracle world, you don't use
root to install the software. What is the best practice as far as
PostgreSQL goes?
The current recommendation, which is reflected in the installation
instructions, is to install the software as root and to use the
postgres user for the database files. The advice seen elsewhere in
this thread to use the postgres user also for the software files is
wrong.
--
Co-Founder
Command Prompt, Inc.
The wheel's spinning but the hamster's dead
---------------------------(end of broadcast)---------------------------
TIP 2: you can get off all lists at once with the unregister command
(send "unregister YourEmailAddressHere" to [EMAIL PROTECTED])
