Joshua D. Drake wrote:

>
>>
>> As a protection against malice, yes. I think Rod was more interested
>> in some protection against stupidity.
>>
>> Maybe the real answer is that Slony should connect as a non-superuser
>> and call security definer functions for the privileged things it
>> needs to do.
>
>
> Wouldn't that break Slony's ability to connect to older postgresql
> versions and replicate?
>

I don't know anything of Slony's internals, but I don't see why older
versions should matter - Postgres has had security definer functions for
every release that Slony supports. Maybe I'm missing something ...

cheers

andrew

---------------------------(end of broadcast)---------------------------
TIP 9: In versions below 8.0, the planner will ignore your desire to
choose an index scan if your joining column's datatypes do not
match