Re: Security Issues: Allowing Clients to Execute SQL in the Backend.

Поиск
Список
Период
Сортировка
От Hello World
Тема Re: Security Issues: Allowing Clients to Execute SQL in the Backend.
Дата
Msg-id CAB8jeLncNnnS-ePEkwAL-Z--rk_1x+fXWsRYCzMh1QbjcdqKFw@mail.gmail.com
обсуждение исходный текст
Ответ на Re: Security Issues: Allowing Clients to Execute SQL in the Backend.  (Albe Laurenz <laurenz.albe@wien.gv.at>)
Ответы Re: Security Issues: Allowing Clients to Execute SQL in the Backend.  (Geoff Montee <geoff.montee@gmail.com>)
Список pgsql-general
Дерево обсуждения

SET statement_timeout=0;
SET work_mem=1024GB;

I just realized about the SET command.

Isn't it weird that any user can set parameters such as this that will apply server wide? to all future sessions?

I noticed that some of the parameters can only be set by superusers, and some require re-start, but still. Anybody can re-configure the server..... ??

В списке pgsql-general по дате отправления:

Предыдущее
От: Willy-Bas Loos
Дата:
Сообщение: Re: importing a messy text file
Следующее
От: Francisco Olarte
Дата:
Сообщение: Re: Vacuuming strategy