On Mon, 27 Jan 2003, Shridhar Daithankar wrote:
> I went thr http://candle.pha.pa.us/main/writings/pgsql/sgml/sql-set-session-
> authorization.html to get what it is. I didn't have an idea of such thing.
>
> Back to the topic, yes, pretty much except for few differences.
>
> 1) It says 'The session user identifier may be changed only if the initial
> session user (the authenticated user) had the superuser privilege. Otherwise,
> the command is accepted only if it specifies the authenticated user name.'
>
> That mean an ordinary user can not set session to any other authorised user. It
> is like running setuid program with input accessible to any user.
>
> 2) Where do I specify password? I mean I take a password and start a connection
> to database. But when it comes to switching connection, there is no password.
> Probably because only superuser can switch connection?
>
> If there is a password clause there and if any user can switch to any user,
> then it is the thing I am looking for. Probably even excluding switching to
> superuser as a security measure.
I need this feature also. The problem with set session authorization is
that you can always change back so it's not that secure. Actually I wanted
to have a function that could augment the privileges of user if supplied
the right password, which in turn had nothing to do with original
password. I believe it could be easy to implement such a function in C.
But it could be better and easier to have pl/pgsql function that could set
the session authorization.
So, could it be made possible that pl/pgsql functions created by superuser
could "set session authorization" even when not called by superuser (or
user logged in as superuser)?
--
Antti Haapala