Quick Links

Re: Disabling ALTER SYSTEM SET WAS: Re: ALTER SYSTEM SET command to change postgresql.conf parameters

From:	Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>
To:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc:	Bruce Momjian <bruce(at)momjian(dot)us>, Stephen Frost <sfrost(at)snowman(dot)net>, Josh Berkus <josh(at)agliodbs(dot)com>, Andres Freund <andres(at)2ndquadrant(dot)com>, Greg Stark <stark(at)mit(dot)edu>, Fujii Masao <masao(dot)fujii(at)gmail(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com>, Amit Kapila <amit(dot)kapila(at)huawei(dot)com>, Dimitri Fontaine <dimitri(at)2ndquadrant(dot)fr>, pgsql-hackers(at)postgresql(dot)org
Subject:	Re: Disabling ALTER SYSTEM SET WAS: Re: ALTER SYSTEM SET command to change postgresql.conf parameters
Date:	2013-08-05 19:53:01
Message-ID:	20130805195301.GC27382@eldon.alvh.no-ip.org
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Tom Lane escribió:

> What Josh seems to be concerned with in this thread is the question of
> whether we should support an installation *policy decision* not to allow
> ALTER SYSTEM SET. Not because a particular set of parameters is broken,
> but just because somebody is afraid the DBA might break things. TBH
> I'm not sure I buy that, at least not as long as ALTER SYSTEM is a
> superuser feature. There is nothing in Postgres that denies permissions
> to superusers, and this doesn't seem like a very good place to start.

Someone made an argument about this on IRC: GUI tool users are going to
want to use ALTER SYSTEM through point-and-click, and if all we offer is
superuser-level access to the feature, we're going to end up with a lot
of people running with superuser privileges just so that they are able
to tweak inconsequential settings. This seems dangerous.

The other issue is that currently you can only edit a server's config if
you are logged in to it. If we permit SQL-level access to that, and
somebody who doesn't have access to edit the files blocks themselves
out, there is no way for them to get a working system *at all*.

--
Álvaro Herrera http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services

In response to

Re: Disabling ALTER SYSTEM SET WAS: Re: ALTER SYSTEM SET command to change postgresql.conf parameters at 2013-08-05 19:38:34 from Tom Lane

Responses

Re: Disabling ALTER SYSTEM SET WAS: Re: ALTER SYSTEM SET command to change postgresql.conf parameters at 2013-08-05 20:24:23 from Tom Lane
Re: Disabling ALTER SYSTEM SET WAS: Re: ALTER SYSTEM SET command to change postgresql.conf parameters at 2013-08-05 20:31:08 from Rodrigo Gonzalez
Re: Disabling ALTER SYSTEM SET WAS: Re: ALTER SYSTEM SET command to change postgresql.conf parameters at 2013-08-05 21:15:06 from Stefan Kaltenbrunner
Re: Disabling ALTER SYSTEM SET WAS: Re: ALTER SYSTEM SET command to change postgresql.conf parameters at 2013-08-05 21:39:59 from Bruce Momjian

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Jeff Janes	2013-08-05 19:54:42	Re: Moving 'hot' pages from buffer pool to heap
Previous Message	Alvaro Herrera	2013-08-05 19:46:19	Re: Autovacuum different in 9.2.4?