Re: Review of GetUserId() Usage

On 9/24/14 4:58 PM, Stephen Frost wrote:
> Alvaro,
> 
> * Alvaro Herrera (alvherre@2ndquadrant.com) wrote:
>> I think the case for pgstat_get_backend_current_activity() and
>> pg_stat_get_activity and the other pgstatfuncs.c callers is easy to make
>> and seems acceptable to me; but I would leave pg_signal_backend out of
>> that discussion, because it has a potentially harmful side effect.  By
>> requiring SET ROLE you add an extra layer of protection against
>> mistakes.  (Hopefully, pg_signal_backend() is not a routine thing for
>> well-run systems, which means human intervention, and therefore the room
>> for error isn't insignificant.)
> 
> While I certainly understand where you're coming from, I don't really
> buy into it.  Yes, cancelling a query (the only thing normal users can
> do anyway- they can't terminate backends) could mean the loss of any
> in-progress work, but it's not like 'rm' and I don't see that it needs
> to require extra hoops for individuals to go through.

It would be weird if it were inconsistent: some things require role
membership, some things require SET ROLE.  Try explaining that.