Home > mailing lists

Re: Cross-backend signals and administration (Was: Re: pg_terminate_backend for same-role) - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: Cross-backend signals and administration (Was: Re: pg_terminate_backend for same-role)
Date	March 27, 2012 13:49:44
Msg-id	29067.1332856165@sss.pgh.pa.us Whole thread Raw
In response to	Re: Cross-backend signals and administration (Was: Re: pg_terminate_backend for same-role) (Noah Misch <noah@leadboat.com>)
List	pgsql-hackers

Tree view

Noah Misch <noah@leadboat.com> writes:
> On Mon, Mar 26, 2012 at 07:53:25PM -0400, Robert Haas wrote:
>> I think the more important question is a policy question: do we want
>> it to work like this?

> The DBA can customize policy by revoking public execute permissions on
> pg_catalog.pg_terminate_backend and interposing a security definer function
> implementing his checks.  For the population who will want something different
> here, that's adequate.

I don't particularly trust solutions that involve modifying
system-defined objects.  In this case, a dump and reload would be
sufficient to create a security hole, because the REVOKE would go away.

(Now, I'm not particularly concerned about the issue in the first place.
Just pointing out that for someone who is, the above isn't a great
solution.)
        regards, tom lane

pgsql-hackers by date:

From: Andrew Dunstan
Date: 27 March 2012, 13:46:40
Subject: Re: Odd out of memory problem.

From: Alex Shulgin
Date: 27 March 2012, 14:14:18
Subject: Re: Another review of URI for libpq, v7 submission

Re: Cross-backend signals and administration (Was: Re: pg_terminate_backend for same-role) - Mailing list pgsql-hackers

Previous

Next