Re: Application name patch - v2 - Mailing list pgsql-hackers

From Pavel Stehule
Subject Re: Application name patch - v2
Date
Msg-id 162867790910190129o4b5d9e2am70456275ebb8b73e@mail.gmail.com
In response to Re: Application name patch - v2  (Heikki Linnakangas <heikki.linnakangas@enterprisedb.com>)
Responses Re: Application name patch - v2
List pgsql-hackers
2009/10/19 Heikki Linnakangas <heikki.linnakangas@enterprisedb.com>:
> Pavel Stehule wrote:
>> 2009/10/19 Dave Page <dpage@pgadmin.org>:
>>> On Mon, Oct 19, 2009 at 8:37 AM, Peter Eisentraut <peter_e@gmx.net> wrote:
>>>> So this would effectively allow any minimally authorized user to write
>>>> whatever they want into the log file whenever they want?  Doesn't sound
>>>> very safe to me.
>>> A user can do that anyway if query logging is turned on, but anyway,
>>> what would you suggest - accept a-zA-Z0-9 and a few other choice
>>> characters only, or just reject a handful (and if so, what)?
>>
>> I dislike write access to the app name GUC for users too. It's not safe.
>> Maybe only a superuser can do it?
>
> The application name is provided by the client. In the server, we have
> no control over what the client put there. We can limit it to certain
> characters, but other than that we just have to take it at face value.
>
> Or are you saying that it should not be possible for the client to
> change the value after connecting? That limits the usefulness with
> connection pools.
>

As far as I know, connections from a connection pool without reset are
shared by one application. But I am not against some possibility to change
this value from the application. I am against the possibility of a change by
a normal user. When we allow it, then this value does not have any weight,
because any broken application (via SQL injection) can change it.

Regards
Pavel Stehule

> --
>  Heikki Linnakangas
>  EnterpriseDB   http://www.enterprisedb.com
>
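
As an added example (not code from this thread or from PostgreSQL): one way to apply the "limit it to certain characters" option raised above, assuming the policy is printable ASCII only, with every other byte replaced by `?` so a client-supplied name cannot start a new line in the log. The function name `sanitize_app_name` and the sample input are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/*
 * sanitize_app_name (hypothetical helper, not PostgreSQL source):
 * copy a client-supplied name into dst, replacing every byte outside
 * printable ASCII (0x20..0x7E) with '?' and truncating to dstlen-1 bytes.
 * Returns the number of bytes that were replaced.
 */
static size_t
sanitize_app_name(char *dst, size_t dstlen, const char *src)
{
    size_t replaced = 0;
    size_t i = 0;

    if (dstlen == 0)
        return 0;

    for (; src[i] != '\0' && i + 1 < dstlen; i++)
    {
        unsigned char c = (unsigned char) src[i];

        if (c < 0x20 || c > 0x7E)
        {
            /* Control characters (newline, CR, ESC, ...) and non-ASCII bytes */
            dst[i] = '?';
            replaced++;
        }
        else
            dst[i] = (char) c;
    }
    dst[i] = '\0';
    return replaced;
}

int
main(void)
{
    /* Constructed input: a newline followed by text shaped like a log line. */
    const char *name = "psql\nLOG:  forged entry";
    char clean[64];
    size_t n = sanitize_app_name(clean, sizeof(clean), name);

    printf("replaced=%zu name=[%s]\n", n, clean);
    return 0;
}
```

This only keeps the value on a single log line; it does not make the name trustworthy, which is the separate point argued in the message above.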

