Re: Feature idea

On Tue, Jun 15, 2004 at 11:43:08AM -0400, Bill Moran wrote:
> Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> wrote:
> > Bill Moran wrote:
> > > Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> wrote:
> > > > Chris Ochs wrote:
> > > > > What if SET SESSION AUTHORIZATION could also accept a password so that non
> > > > > superusers could switch to a different user? How difficult would this be?
>
> Not to start an argument, but you could reverse that logic and say "Do you want
> to hurt the smart, ssl users by not including helpful functionality that could
> be dangerous to uneducated non-ssl users?"
> ...
> So, the question becomes one of design philosophy
> (at least, I'm basing this on the concept that actual implementation
> would not be too hard, correct me if I'm wrong)

How about each user can set up a list of authorised users that
are allowed to switch to their username.

This would then follow the same model as authorized_keys/.rhosts in
ssh/rsh

user1 could then call something like
> GRANT SESSION TO user2
which would allow user2 to switch to user1

Would it also be possible to restrict the grants when doing this?

e.g.
> GRANT SESSION SELECT ON DATABASE foo TO user2
> GRANT SESSION UPDATE ON TABLE bar TO user2

Which would allow updates to be made to table bar after the switch.

-Mark