Re: ToDo: possible more rights to database owners

Szymon,

* Szymon Guz (mabewlun(at)gmail(dot)com) wrote:
> On 29 July 2013 11:25, Pavel Stehule <pavel(dot)stehule(at)gmail(dot)com> wrote:
> > In 9.3 super user can cancel all queries or user can cancel own sessions.
> >
> > Is possible enhance this possibility to database owners? So owner can
> > cancel or can terminate sessions related to owned databases?

Interesting idea but I'm not sure that database ownership is really how
we want to drive this. I can certainly see cases where I'd like user
'X' to be able to cancel queries but where that user isn't the database
owner. Reducing the set of things that only a superuser can do is
certainly a worthwhile goal though.

> But this means that a db owner could cancel superuser's super important
> database query. Maybe let's make a default that the owner can cancel all
> queries except for superuser's ones. And additionaly a special right that
> superuser can grant it to the db owner, so the owner can cancel even
> superuser's queries?

I'm not sure that I buy this argument either, particularly as
"superuser-ness status" can change due to a simple 'set role' and you'd
always have a race condition where the sending process might not realize
that the receiving process suddenly became a superuser process. This
strikes me as an option we might attach to a role (ala create-user)
rather than drive it by database ownership and forget the whole thing
about trying to block it for superuser processes- either you can
terminate backends that aren't yours, or you can't.

Thanks,

Stephen