Quick Links

Re: Implications of having large number of users

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	"Albe Laurenz" <laurenz(dot)albe(at)wien(dot)gv(dot)at>
Cc:	"Robert Haas EXTERN" <robertmhaas(at)gmail(dot)com>, "Mike Ivanov EXTERN" <mikei(at)activestate(dot)com>, pgsql-performance(at)postgresql(dot)org
Subject:	Re: Implications of having large number of users
Date:	2009-06-24 13:52:34
Message-ID:	27398.1245851554@sss.pgh.pa.us
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-performance

"Albe Laurenz" <laurenz(dot)albe(at)wien(dot)gv(dot)at> writes:
> Robert Haas wrote:
>> I don't think this is true. You can use SET SESSION AUTHORIZATION,
>> right?

> You are right, I overlooked that.
> It is restricted to superusers though.

That sort of thing is only workable if you have trustworthy client code
that controls what queries the users can issue. If someone can send raw
SQL commands then he just needs to do RESET SESSION AUTHORIZATION to
become superuser.

regards, tom lane

In response to

Re: Implications of having large number of users at 2009-06-24 13:02:57 from Albe Laurenz

Responses

Re: Implications of having large number of users at 2009-06-24 14:30:39 from Robert Haas

Browse pgsql-performance by date

	From	Date	Subject
Next Message	Robert Haas	2009-06-24 14:30:39	Re: Implications of having large number of users
Previous Message	Albe Laurenz	2009-06-24 13:02:57	Re: Implications of having large number of users