Home > mailing lists

Re: RFC: Non-user-resettable SET SESSION AUTHORISATION - Mailing list pgsql-hackers

From	Robert Haas
Subject	Re: RFC: Non-user-resettable SET SESSION AUTHORISATION
Date	May 20, 2015 18:21:15
Msg-id	CA+TgmoZmiQQQRPK79qwCWaxUYo=bbPVy1FJ+F4C7TWpBo=8FsQ@mail.gmail.com Whole thread Raw
In response to	Re: RFC: Non-user-resettable SET SESSION AUTHORISATION (Simon Riggs <simon@2ndQuadrant.com>)
Responses	Re: RFC: Non-user-resettable SET SESSION AUTHORISATION (Marko Tiikkaja <marko@joh.to>)
List	pgsql-hackers

Tree view

On Tue, May 19, 2015 at 5:02 PM, Simon Riggs <simon@2ndquadrant.com> wrote:
> That's a reasonable argument. So +1 to protocol from me.
>
> To satisfy Tom, I think this would need to have two modes: one where the
> session can never be reset, for ultra security, and one where the session
> can be reset, which allows security and speed of pooling.

I think the the second one is a lot more interesting, but I don't have
a problem with having the first one, too, if somebody wants it.  We
can use one protocol message for both, with a 1-byte character field
used to indicate which mode the client is requesting.

-- 
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

pgsql-hackers by date:

From: Bruno Harbulot
Date: 20 May 2015, 18:13:26
Subject: Re: Problems with question marks in operators (JDBC, ECPG, ...)

From: Robert Haas
Date: 20 May 2015, 18:21:58
Subject: Re: Disabling trust/ident authentication configure option

Re: RFC: Non-user-resettable SET SESSION AUTHORISATION - Mailing list pgsql-hackers

Previous

Next