| From: | Joe Conway <mail(at)joeconway(dot)com> |
|---|---|
| To: | Jacob Champion <jchampion(at)timescale(dot)com> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, "Drouvot, Bertrand" <bdrouvot(at)amazon(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: SYSTEM_USER reserved word implementation |
| Date: | 2022-06-22 16:26:46 |
| Message-ID: | 075c68a2-72a6-1be4-34da-25e73e60016d@joeconway.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 6/22/22 11:35, Jacob Champion wrote:
> On Wed, Jun 22, 2022 at 8:10 AM Joe Conway <mail(at)joeconway(dot)com> wrote:
>> --- a/src/backend/utils/init/miscinit.c
>> +++ b/src/backend/utils/init/miscinit.c
>> @@ -473,6 +473,7 @@ static Oid AuthenticatedUserId = InvalidOid;
>> static Oid SessionUserId = InvalidOid;
>> static Oid OuterUserId = InvalidOid;
>> static Oid CurrentUserId = InvalidOid;
>> +static const char *SystemUser = NULL;
>>
>> /* We also have to remember the superuser state of some of these levels */
>> static bool AuthenticatedUserIsSuperuser = false;
>
> What's the rationale for introducing a new global for this? A downside
> is that now there are two sources of truth, for a security-critical
> attribute of the connection.
Why would you want to do it differently than
SessionUserId/OuterUserId/CurrentUserId? It is analogous, no?
--
Joe Conway
RDS Open Source Databases
Amazon Web Services: https://aws.amazon.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2022-06-22 16:28:43 | Re: SYSTEM_USER reserved word implementation |
| Previous Message | Joe Conway | 2022-06-22 16:22:36 | Re: SYSTEM_USER reserved word implementation |