| From: | Andres Freund <andres(at)anarazel(dot)de> |
|---|---|
| To: | Stephen Frost <sfrost(at)snowman(dot)net> |
| Cc: | Michael Paquier <michael(at)paquier(dot)xyz>, Jacob Champion <pchampion(at)vmware(dot)com>, "rjuju123(at)gmail(dot)com" <rjuju123(at)gmail(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: [PATCH] Expose port->authn_id to extensions and triggers |
| Date: | 2022-03-02 21:27:40 |
| Message-ID: | 20220302212740.krbycl3nzvp5y2k5@alap3.anarazel.de |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi,
On 2022-03-01 08:35:27 -0500, Stephen Frost wrote:
> I'm not really sure why we're arguing about this, but clearly the authn
> ID of the leader process is what should be used because that's the
> authentication under which the parallel worker is running, just as much
> as the effective role is the authorization. Having this be available in
> worker processes would certainly be good as it would allow more query
> plans to be considered when these functions are used. At this time, I
> don't think that outweighs the complications around having it and I'm
> not suggesting that Jacob needs to go do that, but surely it would be
> better.
I don't think we should commit this without synchronizing the authn between
worker / leader (in a separate commit). Too likely that some function that's
marked parallel ok queries the authn_id, opening up a security/monitoring hole
or such because of a bogus return value.
Greetings,
Andres Freund
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2022-03-02 21:27:47 | Re: wrong fds used for refilenodes after pg_upgrade relfilenode changes Reply-To: |
| Previous Message | Andres Freund | 2022-03-02 21:22:34 | Re: Add 64-bit XIDs into PostgreSQL 15 |