Joshua D. Drake wrote:
As a protection against malice, yes. I think Rod was more interested
in some protection against stupidity.
Maybe the real answer is that Slony should connect as a non-superuser
and call security definer functions for the privileged things it
needs to do.
Wouldn't that break Slony's ability to connect to older postgresql
versions and replicate?
I don't know anything of Slony's internals, but I don't see why older
versions should matter - Postgres has had security definer functions for
every release that Slony supports. Maybe I'm missing something ...
cheers
andrew
---------------------------(end of broadcast)---------------------------
TIP 9: In versions below 8.0, the planner will ignore your desire to
choose an index scan if your joining column's datatypes do not
match
