| From: | Derrick Rice <derrick(dot)rice(at)gmail(dot)com> |
|---|---|
| To: | Marc Mamin <M(dot)Mamin(at)intershop(dot)de> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: RESET ROLE and search_path, Connection pool |
| Date: | 2010-12-03 23:21:10 |
| Message-ID: | AANLkTikbHNZWU_4WvRE3VTEJZQk8L8RAqUhz8F=7Y7n0@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Fri, Dec 3, 2010 at 5:13 AM, Marc Mamin <M(dot)Mamin(at)intershop(dot)de> wrote:
> Hello,
>
> We are thinking about using a (java based) connection pool.
> An issue is that there are many different users to connect.
> My idea is to only have superuser connections in the pool
> and change the connection role (with SET ROLE) each time
> a user pick a connection there.
>
>
Tangential to your question, but important:
Obviously each "user" could use RESET ROLE and become the super user. This
means that every piece of code that uses this pool needs to have security
appropriate for code using the super user. i.e. "Whatever, it's just using
a read-only role, nothing bad can happen" is no longer a valid argument (if
it ever was).
Do you have that much faith / trust in every "user"?
* "user" in quotes because I'm guessing you are referring to different
portions of your application / application suite and hopefully not
individual persons.
Derrick
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Guillaume Lelarge | 2010-12-03 23:32:05 | Re: Looking for auto starting procedures |
| Previous Message | James B. Byrne | 2010-12-03 21:04:56 | Re: PG84 and SELinux |