On Tue, Jul 07, 2015 at 06:57:45AM -0500, John McKown wrote: > >>> >at a bare minimum, a database administrator needs to create database > >>> >roles (users) and databases for an app like yours. > >>> > >> The admin don't need to create the db. It is done by the application > >> (sqlalchemy-utils on Python3) itself. > >> > > > > an application should not have the privileges to do that. you don't run > > your apps as 'root', do you? why would you run them as a database > > administrator ? > > > Trigger Warning (Thanks, Mallard Fillmore) > > I agree with you on this. If I were a customer and some vendor said: "Oh > yes, to run our product, you must configure your multi-user data base to > disable passwords and run it as a DBA so that it can make schema changes on > the fly", then I'd simply say "no sale". Of course, in regards to the > schema, it would be proper to document what the DBA needs to do to set up > the data base with the proper tables and other items. In fact, an app might have an option to emit a script for the DBA to run. Or even offer to run it for the DBA given proper credentials are provided on the spot. Karsten Hilbert -- GPG key ID E4071346 @ eu.pool.sks-keyservers.net E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346 -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
