| From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
|---|---|
| To: | Pavel Stehule <pavel(dot)stehule(at)hotmail(dot)com> |
| Cc: | tgl(at)sss(dot)pgh(dot)pa(dot)us, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: proposal: only superuser can change customized_options |
| Date: | 2007-03-02 22:12:39 |
| Message-ID: | 45E8A157.2020503@dunslane.net |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Pavel Stehule wrote:
>
>
>
>> From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
>> To: "Pavel Stehule" <pavel(dot)stehule(at)hotmail(dot)com>
>> CC: pgsql-hackers(at)postgresql(dot)org
>> Subject: Re: [HACKERS] proposal: only superuser can change
>> customized_options Date: Fri, 02 Feb 2007 11:40:10 -0500
>>
>> "Pavel Stehule" <pavel(dot)stehule(at)hotmail(dot)com> writes:
>> > I want to use custmized option for security configuration one contrib
>> > library. Currently customized options are usable only for default
>> > configuration, because everybody can change it. It is substitution
>> of global
>> > variables.
>> > Decision if option is protected or not can be based on name of option.
>>
>> I dislike making it depend on spelling. There was discussion of this
>> problem before, and we had a much saner answer: when the module that
>> defines the variable gets loaded, discard any local setting if the
>> correct protection level of the variable is SUSET or higher. See the
>> archives.
>>
>> regards, tom lane
>
> I am finding it.
>
>
Pavel,
Is there any chance you can work on this? I suspect I won't have time.
You can see the original thread here:
cheers
andrew
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Simon Riggs | 2007-03-02 22:13:33 | Re: HOT - preliminary results |
| Previous Message | Bruce Momjian | 2007-03-02 22:05:41 | Re: [HACKERS] Deadlock with pg_dump? |