Re: Cross-backend signals and administration (Was: Re: pg_terminate_backend for same-role)
| От | Kevin Grittner |
|---|---|
| Тема | Re: Cross-backend signals and administration (Was: Re: pg_terminate_backend for same-role) |
| Дата | |
| Msg-id | 4F71CB480200002500046714@gw.wicourts.gov обсуждение исходный текст |
| Ответ на | Re: Cross-backend signals and administration (Was: Re: pg_terminate_backend for same-role) (Andres Freund <andres@anarazel.de>) |
| Ответы |
Re: Cross-backend signals and administration (Was: Re:
pg_terminate_backend for same-role)
Re: Cross-backend signals and administration (Was: Re: pg_terminate_backend for same-role) |
| Список | pgsql-hackers |
Andres Freund <andres@anarazel.de> wrote: > On Tuesday, March 27, 2012 07:51:59 PM Kevin Grittner wrote: >>> Well, I guess if you have different people sharing the same >>> user-ID, you probably wouldn't want that. >> >> >> As Tom pointed out, if there's another person sharing the user ID >> you're using, and you don't trust them, their ability to cancel >> your session is likely way down the list of concerns you should >> have. > Hm. I don't think that is an entirely valid argumentation. The > same user could have entirely different databases. They even could > have distinct access countrol via the clients ip. > I have seen the same cluster being used for prod/test instances at > smaller shops several times. > > Whether thats a valid usecase I have no idea. Well, that does sort of leave an arguable vulnerability. Should the same user only be allowed to kill the process from a connection to the same database? -Kevin
В списке pgsql-hackers по дате отправления: