[pgpool-general: 1608] Re: watchdog root requirement

Bruce Momjian bruce at momjian.us
Fri Apr 12 00:13:18 JST 2013

On Thu, Apr 11, 2013 at 11:09:01AM -0400, Kyle O'Donnell wrote:
> I'm no security expert either, but I do work in finance and the
> information security teams have approved using sudo to execute
> escalated privileges without a password.
> IMHO the best option is to just run whatever is in the configuration
> for ifconfig/arping.  If it succeeds, great.  If it fails, exit with
> an error.  It's better to beg for forgiveness than ask permission as
> far as I'm concerned :)
> Failing that, I would think the next best option is a configuration
> parameter in pgpool.conf (dontcheckroot=yes or something).  Second
> best would be command line option for the pgpool binary. Compile time
> option would be fine, but not the best option.
> So your idea is edit /etc/sudoers to allow to execute via sudo arping
> and ifconfig without password? I'm not a security expert but this
> sounds like a good idea to me.

The only other method I have seen for the starting process to fork a
child that retains root and it changes to another username, and only
uses the root child process for limited uses.

  Bruce Momjian  <bruce at momjian.us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com

  + It's impossible for everything to be true. +

More information about the pgpool-general mailing list