On Thu, 2010-12-23 at 10:53 +0100, Magnus Hagander wrote: > Here's a patch that changes walsender to require a special privilege > for replication instead of relying on superuser permissions. We > discussed this back before 9.0 was finalized, but IIRC we ran out of > time. The motivation being that you really want to use superuser as > little as possible - and since being a replication slave is a read > only role, it shouldn't require the maximum permission available in > the system.
Is backup part of this new privilege, or not? I think if we're going to introduce a new level of privilege, then we should introduce all delegatable privs in one software release. Much better than having someone think up a new delegatable priv each release for next 5 years. Other possible ones include unsafe PL creation, seeing logged SQL etc.. -- Simon Riggs http://www.2ndQuadrant.com/books/ PostgreSQL Development, 24x7 Support, Training and Services -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
