Re: pg_terminate_backend and pg_cancel_backend by not administrator user
From | Josh Kupershmidt |
---|---|
Subject | Re: pg_terminate_backend and pg_cancel_backend by not administrator user |
Date | |
Msg-id | AANLkTike=aUo2A6HDmkep99u5p4RiGywjmgn82-6T09p@mail.gmail.com |
In response to | Re: pg_terminate_backend and pg_cancel_backend by not administrator user (Anssi Kääriäinen <anssi.kaariainen@thl.fi>) |
List | pgsql-hackers |

On Mon, Feb 14, 2011 at 8:58 AM, Anssi Kääriäinen <anssi.kaariainen@thl.fi> wrote:
> On 02/14/2011 02:10 PM, Torello Querci wrote:
>>
>> I suppose that give the right to the owner db user to terminate or
>> cancel other session connected to the database which it is owner is a
>> good thing.
>> I not see any security problem because this user can cancel or
>> terminate only the session related with the own database,
>> but if you think that this is a problem, a configuration parameter can be
>> used.
>
> For what it's worth, a big +1 from me. We have pretty much the same use
> case.
>
> It would be good if you could also terminate your own connections.

The superuser-only restriction for pg_cancel_backend() has been a pet peeve of mine as well. I actually posted a patch a while back to let users pg_cancel_backend() their own queries, see:
http://archives.postgresql.org/pgsql-admin/2010-02/msg00052.php

IMO it'd be better to do away with this patch's check of:

    /* If the user not is the superuser, need to be the db owner.*/

and instead just check if the target session's user matches that of the cancel requester.

Additionally, this patch keeps all the permission checking inside pg_signal_backend(). That's fine if we're sure that we want pg_cancel_backend() and pg_terminate_backend() to undergo the same permissions check, but perhaps it's a bad idea to relax the permissions check on pg_terminate_backend()?

Josh