Re: Cross-backend signals and administration (Was: Re: pg_terminate_backend for same-role)
From | Andrew Dunstan |
---|---|
Subject | Re: Cross-backend signals and administration (Was: Re: pg_terminate_backend for same-role) |
Date | |
Msg-id | 4F722382.2000300@dunslane.net |
In response to | Re: Cross-backend signals and administration (Was: Re: pg_terminate_backend for same-role) ("Kevin Grittner" <Kevin.Grittner@wicourts.gov>) |
Responses | Re: Cross-backend signals and administration (Was: Re: pg_terminate_backend for same-role) |
List | pgsql-hackers |

On 03/27/2012 03:14 PM, Kevin Grittner wrote:
> Andres Freund <andres@anarazel.de> wrote:
>> On Tuesday, March 27, 2012 07:51:59 PM Kevin Grittner wrote:
>>>> Well, I guess if you have different people sharing the same
>>>> user-ID, you probably wouldn't want that.
>>>
>>> As Tom pointed out, if there's another person sharing the user ID
>>> you're using, and you don't trust them, their ability to cancel
>>> your session is likely way down the list of concerns you should
>>> have.
>> Hm. I don't think that is an entirely valid argumentation. The
>> same user could have entirely different databases. They even could
>> have distinct access control via the client's IP.
>> I have seen the same cluster being used for prod/test instances at
>> smaller shops several times.
>>
>> Whether that's a valid use case I have no idea.
>
> Well, that does sort of leave an arguable vulnerability. Should the
> same user only be allowed to kill the process from a connection to
> the same database?
>

It might be a reasonable restriction in theory, but I doubt it's much of
a security gain.

cheers

andrew