Re: pg_cancel_backend by non-superuser
| От | Dimitri Fontaine |
|---|---|
| Тема | Re: pg_cancel_backend by non-superuser |
| Дата | |
| Msg-id | m2d3efwaxr.fsf@2ndQuadrant.fr обсуждение исходный текст |
| Ответ на | Re: pg_cancel_backend by non-superuser (Noah Misch <noah@leadboat.com>) |
| Список | pgsql-hackers |
Noah Misch <noah@leadboat.com> writes: >> >> On Fri, Sep 30, 2011 at 9:30 PM, Tom Lane<tgl@sss.pgh.pa.us> ?wrote: >> >>> ISTM it would be reasonably non-controversial to allow users to issue >> >>> pg_cancel_backend against other sessions logged in as the same userID. >> >>> The question is whether to go further than that, and if so how much. >> >> >> >> In *every* case -- and there are many -- where we've had people >> >> express pain, this would have sufficed. > > +1 for allowing that unconditionally. +1 >> Or how about making it a grantable database-level privilege? > > I think either is overkill. You can implement any policy by interposing a > SECURITY DEFINER wrapper around pg_cancel_backend(). I still like the idea of grant cancel and grant terminate. For another patch. Regards, -- Dimitri Fontaine http://2ndQuadrant.fr PostgreSQL : Expertise, Formation et Support
В списке pgsql-hackers по дате отправления: