On Thu, 2004-11-11 at 23:05 -0500, Bruce Momjian wrote:
> Andrew McMillan wrote:
> -- Start of PGP signed section.
> > On Wed, 2004-11-10 at 11:45 -0500, Tom Lane wrote:
> > > Andrew McMillan <andrew@catalyst.net.nz> writes:
> > > > When tracking down gnarly problems in heavily multi-user applications
> > > > enabling higher log levels at selective points has the potential to help
> > > > _a lot_ with diagnostic detail, without smothering you in _every_
> > > > detail.
> > >
> > > Sure. As I pointed out in the other thread, if you want to allow an app
> > > to do this, you can make available a SECURITY DEFINER function that
> > > performs the desired SET on its behalf. By setting execute permissions
> > > on the function and/or including restrictions in the function's code,
> > > you can make this as tight or as loose a loophole as you like. So it's
> > > certainly possible to do what you want in any case. I think the issue
> > > at hand is what's appropriate to provide as hard-wired functionality.
> >
> > That sounds excellent - I hadn't realised that this workaround would be
> > possible, and indeed with this in place that will provide even better
> > control over the facility.
>
> OK, here is one vote for the ALTER USER/remove USERLIMIT croud, and you
> were the person who originally mentioned the problem. You don't think
> the function creation is hard. Perhaps that's the way to go then.
Yes, I agree - it seems good.
Also, I don't see that this function would need to be "written under
stress" as ISTR you suggested elsewhere - any analysis like this is
going to be following on from review of other statistics - I think it
would normally be a well-planned process.
Cheers, Andrew.
-------------------------------------------------------------------------
Andrew @ Catalyst .Net .NZ Ltd, PO Box 11-053, Manners St, Wellington
WEB: http://catalyst.net.nz/ PHYS: Level 2, 150-154 Willis St
DDI: +64(4)803-2201 MOB: +64(272)DEBIAN OFFICE: +64(4)499-2267 How many things I can do without!
--Socrates
-------------------------------------------------------------------------