Tom Lane wrote:
> It looks to me like the code in AlterSetting() will allow an ordinary
> user to blow away all settings for himself. Even those that are for
> SUSET variables and were presumably set for him by a superuser. Isn't
> this a security hole? I would expect that an unprivileged user should
> not be able to change such settings, not even to the extent of
> reverting to the installation-wide default.
Yes, I completely overlooked the fact that users should not be able to
blow away GUCs set by superuser. I can't handle this right now though,
as I'm leaving in a couple of days and won't return until cca. Dec. 1st.
If this can wait (and I think it does) then I'll handle it then;
otherwise I'd appreciate if someone else could take a look and fix it.
--
Alvaro Herrera http://www.CommandPrompt.com/
The PostgreSQL Company - Command Prompt, Inc.