Home > mailing lists

Re: Proposal to sync SET ROLE and pg_stat_activity - Mailing list pgsql-hackers

From	Bernd Helmle
Subject	Re: Proposal to sync SET ROLE and pg_stat_activity
Date	August 28, 2008 08:05:01
Msg-id	D366E0AF519EB334417C8695@imhotep.credativ.de Whole thread Raw
In response to	Proposal to sync SET ROLE and pg_stat_activity (Grant Finnemore <grant@guruhut.com>)
Responses	Re: Proposal to sync SET ROLE and pg_stat_activity (Grant Finnemore <grant@guruhut.com>)
List	pgsql-hackers

Tree view

--On Mittwoch, August 27, 2008 09:35:03 +0200 Grant Finnemore 
<grant@guruhut.com> wrote:

> I have a session pool, where all connections to the database are
> obtained as a superuser. On issuing connections to the client, we
> invoke either SET ROLE or SET SESSION AUTHORIZATION and switch to
> a role with less permissions. This means that we don't have to
> reserve a connection per user, and we can still use the database
> access restrictions.

But you have to ensure that your session pool is smaller than 
max_connections, since this will eat up superuser_reserved_connections and 
would make administrator intervention  impossible under certain 
circumstances.

And why do you need to hack pg_stat_activity, isn't it possible to plug 
your own view in?

--  Thanks
                   Bernd

pgsql-hackers by date:

From: Tom Lane
Date: 28 August 2008, 05:02:06
Subject: Re: TODO <-> Commitfest

From: Grant Finnemore
Date: 28 August 2008, 08:37:16
Subject: Re: Proposal to sync SET ROLE and pg_stat_activity

Re: Proposal to sync SET ROLE and pg_stat_activity - Mailing list pgsql-hackers

Previous

Next