On Mar 12, 2014 1:46 AM, "Josh Berkus" <j...@agliodbs.com> wrote: > > On 03/11/2014 06:57 AM, Tom Lane wrote: > > Mind you, I wouldn't be unhappy to see it go away; it's a kluge and always > > has been. I'm just expecting lots of push-back if we try. And it's kind > > of hard to resist push-back when you don't have a substitute to offer. > > Yeah, what we really need is encapsulated per-DB users and local > superusers. I think every agrees that this is the goal, but nobody > wants to put in the work to implement a generalized solution. >
Encapsulated would probably be the doable part. But local superuser? Given that a superuser can load and run binaries, how would you propose you restrict that superuser from doing anything they want? And if you don't need that functionality, then hows it really different from being the database owner? /Magnus
