Yeah, I question the intelligence of your security expert in this situation. As the superuser, I can do nearly anything I please, it's kind of the point. Now, if he wants you to setup non-superuser roles to do other stuff, I can understand, but there are some things only the superuser can do, and for that, you gotta trust them.
On Mon, Sep 14, 2009 at 1:17 PM, David Kerr <d...@mr-paradox.net> wrote: > anyone pass a SAS70 audit with postgres? > > Our security expert has a lot of concerns due to the lack of > user audit logging that's provided. > > especally for logging superuser / DBA actions. > > Of course, my stance is that you need to trust your DBAs, > but I don't know if SAS70 shares my belief. > > Thanks > > Dave > > -- > Sent via pgsql-general mailing list (pgsql-general@postgresql.org) > To make changes to your subscription: > http://www.postgresql.org/mailpref/pgsql-general > -- When fascism comes to America, it will be intolerance sold as diversity. -- Sent via pgsql-general mailing list (pgsql-general@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
