Home > mailing lists

Re: how to remove set_config from all user - Mailing list pgsql-novice

From	David G. Johnston
Subject	Re: how to remove set_config from all user
Date	January 19, 2018 01:36:05
Msg-id	CAKFQuwZk9tEvuFGPTX9GE3GjqsU+DSEBmaFBh836yUXRvU3=wg@mail.gmail.com Whole thread Raw
In response to	RE: how to remove set_config from all user (Garry Chen <gc92@cornell.edu>)
Responses	RE: how to remove set_config from all user
List	pgsql-novice

Tree view

On Thu, Jan 18, 2018 at 12:19 PM, Garry Chen <gc92@cornell.edu> wrote:

In that case what is the best practice for it? Any suggestion.

Please don't top-post.

Maybe you should explain why you want to do such a thing first. There isn't really any practice, let alone a best one, to do exactly what you say. Most system variables are changeable by users. There are some that can be changed that could be abused but the general thinking is that while doing so maliciously is possible there are lots of others ways a user with access to a database session can cause you grief too and that solutions to this attack vector are social, not technical, in nature.

David J.

pgsql-novice by date:

From: Garry Chen
Date: 19 January 2018, 01:19:17
Subject: RE: how to remove set_config from all user

From: Garry Chen
Date: 19 January 2018, 01:49:06
Subject: RE: how to remove set_config from all user

Re: how to remove set_config from all user - Mailing list pgsql-novice

Previous

Next