Re: [HACKERS] search path security issue?
| От | Fabrízio de Royes Mello |
|---|---|
| Тема | Re: [HACKERS] search path security issue? |
| Дата | |
| Msg-id | CAFcNs+r9VXLj8DU6Ssu31Nob_OKsS2RBbCbTYovqfYp73TkxRg@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: [HACKERS] search path security issue? (Joe Conway <mail@joeconway.com>) |
| Список | pgsql-hackers |
On Sun, Oct 8, 2017 at 3:34 PM, Joe Conway <mail@joeconway.com> wrote:
>
> On 10/06/2017 12:52 AM, Magnus Hagander wrote:
> > It would be a nice feature to have in general, like a "basic guc
> > permissions" thing. At least allowing a superuser to prevent exactly
> > this. You could argue the same thing for example for memory parameters
> > and such. We have no permissions at all when it comes to userset gucs
> > today -- and of course, if something should be added about this, it
> > should be done in a way that works for all the userset variables, not
> > just search_path.
>
> +1
>
> I have wished for exactly that more than once before.
>
+1
I have a multi-user and schema database with some user restrictions because it's a shared environment (i.e: statement_timeout, lock_timeout). But some "smart" users change to the GUC default and sometimes we suffer with it. Would be nice to have some kind of guc permissions.
Regards,
--
Fabrízio de Royes Mello
Consultoria/Coaching PostgreSQL
>> Timbira: http://www.timbira.com.br
>> Blog: http://fabriziomello.github.io
>> Linkedin: http://br.linkedin.com/in/fabriziomello
>> Twitter: http://twitter.com/fabriziomello
>> Github: http://github.com/fabriziomello
--
Fabrízio de Royes Mello
Consultoria/Coaching PostgreSQL
>> Timbira: http://www.timbira.com.br
>> Blog: http://fabriziomello.github.io
>> Linkedin: http://br.linkedin.com/in/fabriziomello
>> Twitter: http://twitter.com/fabriziomello
>> Github: http://github.com/fabriziomello
В списке pgsql-hackers по дате отправления: