Home > mailing lists

giving a user permission to kill their processes only - Mailing list pgsql-general

From	George Nychis
Subject	giving a user permission to kill their processes only
Date	February 28, 2007 19:19:54
Msg-id	45E5E3CE.5000909@cmu.edu Whole thread Raw
Responses	Re: giving a user permission to kill their processes only (Robert Treat <xzilla@users.sourceforge.net>)
List	pgsql-general

Tree view

Hey all,

So the pg_cancel_backend() function by default is only available to super users, so I decided
to write a wrapper function around, use a SECURITY DEFINER, and GRANT my user privilege to use
the wrapper.

BEGIN;
CREATE FUNCTION kill_process(integer) RETURNS boolean AS 'select pg_cancel_backend($1);'
LANGUAGE SQL SECURITY DEFINER;
REVOKE EXECUTE ON FUNCTION kill_process(integer) FROM PUBLIC;
COMMIT;
GRANT EXECUTE ON FUNCTION kill_process(integer) TO gnychis;

The problem with this is I can now kill other users postgresql processes.  I was wondering if
anyone knows a way in which i can check that the postgres process being killed is running a
query for that user?  Therefore, they can't kill queries in postgres processes started by other
users.

Thanks!
George

pgsql-general by date:

From: Andrew Edson
Date: 28 February 2007, 18:55:55
Subject: Select retrieval slowdown after db drop/reload. Suggestions?

From: Tom Lane
Date: 28 February 2007, 19:41:11
Subject: Re: How often do I need to reindex tables?

giving a user permission to kill their processes only - Mailing list pgsql-general

Previous

Next