Re: ASYNC Privileges proposal
От | Tom Lane |
---|---|
Тема | Re: ASYNC Privileges proposal |
Дата | |
Msg-id | 13601.1369016587@sss.pgh.pa.us обсуждение исходный текст |
Ответ на | ASYNC Privileges proposal (Chris Farmiloe <chrisfarms@gmail.com>) |
Ответы |
Re: ASYNC Privileges proposal
|
Список | pgsql-hackers |
Chris Farmiloe <chrisfarms@gmail.com> writes: > I find the current LISTEN / NOTIFY rather limited in the context of > databases with multiple roles. As it stands it is not possible to restrict > the use of LISTEN or NOTIFY to specific roles, and therefore notifications > (and their payloads) cannot really be trusted as coming from any particular > source. TBH, nobody has complained about this in the fifteen-plus years that LISTEN has been around. I'm dubious about adding privilege-checking overhead for everybody to satisfy a complaint from one person. > I'd like to propose a new ASYNC database privilege that would control > whether a role can use LISTEN, NOTIFY and UNLISTEN statements and the > associated pg_notify function. ... and if I did think that there were an issue here, I doubt I'd think that a privilege as coarse-grained as that would fix it. Surely you'd want per-channel privileges if you were feeling paranoid about this, not to mention separate read and write privileges. But the demand for that just isn't out there. regards, tom lane
В списке pgsql-hackers по дате отправления: