On Tue, Dec 17, 2019 at 5:27 AM Peter Eisentraut <peter.eisentr...@2ndquadrant.com> wrote: > I realize that there are a number of facilities nowadays to do enhanced > security setups. But let's consider what 99% of users are using. If > the database server runs as user X and you are logged in as user X, you > should be able to manage the database server that is running as user X > without further restrictions. Anything else would call into question > the entire security model that postgres is built around. But also, > there is an option to turn this off in my patch, if you really have the > need.
I feel like this is taking a policy decision that properly belongs in pg_hba.conf and making it into a GUC. If you're introducing a GUC because it's not possible to configure the behavior that you want in pg_hba.conf, then I think the solution to that is to enhance pg_hba.conf so that it can support the behavior you want to configure. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company
