| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Andres Freund <andres(at)anarazel(dot)de> |
| Cc: | Stephen Frost <sfrost(at)snowman(dot)net>, pgsql-hackers(at)postgresql(dot)org, Robert Haas <robertmhaas(at)gmail(dot)com>, Harold Giménez <harold(dot)gimenez(at)gmail(dot)com> |
| Subject: | Re: pg_upgrade improvements |
| Date: | 2012-04-05 16:12:48 |
| Message-ID: | 4724.1333642368@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Andres Freund <andres(at)anarazel(dot)de> writes:
> On Thursday, April 05, 2012 05:39:19 PM Tom Lane wrote:
>> Yeah, that would be a small pain in the neck, but it eliminates a huge
>> pile of practical difficulties, like your blithe assumption that you can
>> find a "private directory" somewhere (wrong) or disallow access to other
>> people (also wrong, if they are using the same account as you).
> I don't think this needs to protect against malicious intent of a user running
> with the *same* privileges as the postmaster.
Who said anything about malicious intent? Please re-read the original
gripe in this thread. There's nothing un-legitimate about, eg, clients
trying to connect to the database during your maintenance window.
What we want is to be sure that nobody can connect to the database
except the person running the standalone instance. To my mind "sure"
means "sure"; it does not include qualifiers like "unless some
other process tries to do the same thing at about the same time".
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2012-04-05 16:19:15 | Re: Finer Extension dependencies |
| Previous Message | Andres Freund | 2012-04-05 16:04:32 | Re: pg_upgrade improvements |