Magnus Hagander <mag...@hagander.net> writes: > On Wed, Mar 12, 2014 at 3:52 PM, Tom Lane <t...@sss.pgh.pa.us> wrote: >> A local user with the superuser privilege would not be able to log into >> another database, because superuser doesn't give you any extra privilege >> until you've logged in. >> >> Yeah, as superuser you could still break things as much as you pleased, >> but not through SQL.
> You could COPY over the hba file or sometihng like that :) Or just > pg_read_binary_file() on the files in another database, which is accessible > through SQL as well. More directly, he could alter pg_authid to make himself a not-local user. But I don't see that it's our responsibility to prevent that. As long as the combination of features works in a straightforward way, I'm happy with it --- and it would, AFAICS. regards, tom lane -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers