Re: [PLUG] user accounts for application

[Tim Allen via plug <plug@lists.phillylinux.org>]

Hi Rita, it is normally a best security practice to use a non-database account. The `postgres` user account has special privileges in the default PostgreSQL configuration. For example, as the `postgres` user, you can type `psql` and have a root, superuser role PostgreSQL command prompt. It is fully privileged to do anything and everything to your PostgreSQL instance. Giving Jenkins the ability to do that probably isn't what you want!

Regards,

Tim

On Wed, Feb 5, 2020 at 10:42 AM Rita via plug <plug@lists.phillylinux.org> wrote:

I run a small lab which we use Jenkins to checkout, test, and deploy our software. Jenkins runs as the application id: postgres. 

I had a discussion with a colleague and she told me that she prefers running her builds as non-database/application specific user. 

Is there a reason why you would want to do this? It creates more hassles but they made be justified. I for one don't see any reason but I could be wrong.

--

--- Get your facts first, then you can distort them as you please.--

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug