| From: | Yeb Havinga <yebhavinga(at)gmail(dot)com> |
|---|---|
| To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
| Cc: | Kohei KaiGai <kaigai(at)kaigai(dot)gr(dot)jp>, PgHacker <pgsql-hackers(at)postgresql(dot)org>, Joshua Brindle <jbrindle(at)tresys(dot)com> |
| Subject: | Re: [v9.2] Add GUC sepgsql.client_label |
| Date: | 2012-01-31 15:27:08 |
| Message-ID: | 4F28084C.3010109@gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 2012-01-31 15:28, Robert Haas wrote:
>
> *scratches head*
>
> I'm not sure I follow you. If you're saying that we can make this
> work by always allowing the value to be reset, then I agree with you,
> but I'm not sure those are the semantics KaiGai wants. For instance,
> if a connection pooler does:
>
> SET sepgsql.client_label = 'bob_t';
>
> ...and then hands off to the client, the client can then do:
>
> RESET sepgsql.client_label;
> SET sepgsql.client_label = 'alice_t';
>
> ....and that's bad.
Hmm yes this is a problem. Reading the original post better, it is also
not the intended behaviour to support repeatable client_label switches.
"However, single-directed domain transition from bigger-privileges to
smaller-privileged domain by users' operation is also supported on
operating system, and useful feature to restrict applications capability
at beginning of the session."
--
Yeb Havinga
http://www.mgrid.net/
Mastering Medical Data
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Gabriele Bartolini | 2012-01-31 15:29:51 | Re: Dry-run mode for pg_archivecleanup |
| Previous Message | Peter Geoghegan | 2012-01-31 14:44:19 | Re: Group commit, revised |