Re: Two-phase commit security restrictions

From: Josh Berkus <josh(at)agliodbs(dot)com>
To: pgsql-hackers(at)postgresql(dot)org
Subject: Re: Two-phase commit security restrictions
Date: 2004-10-13 21:39:49
Message-ID: 200410131439.49237.josh@agliodbs.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Heikki,

> Another approach I've been thinking about is to allow anyone that knows
> the (user-supplied) global transaction identifier to finish the
> transaction, and hide the gids of running transactions from regular users.
> That way, the gid acts as a secret token that's only known by the
> transaction manager, much like the cancel key.

I agree with Tom; this is just inviting trouble. Restrict it to the original
user and the superuser. Since any 3rd-party transaction manager (such as
CJDBC) would use a single user to manage the transactions, I don't see that
this restriction is a problem.

--
--Josh

Josh Berkus
Aglio Database Solutions
San Francisco

Browse pgsql-hackers by date

  From Date Subject
Next Message Martha Chronopoulou 2004-10-13 21:48:06 implementing another hash join...
Previous Message Oliver Jowett 2004-10-13 21:26:06 Re: Two-phase commit security restrictions