On 2012-01-31 15:28, Robert Haas wrote:
>
> *scratches head*
>
> I'm not sure I follow you. If you're saying that we can make this
> work by always allowing the value to be reset, then I agree with you,
> but I'm not sure those are the semantics KaiGai wants. For instance,
> if a connection pooler does:
>
> SET sepgsql.client_label = 'bob_t';
>
> ...and then hands off to the client, the client can then do:
>
> RESET sepgsql.client_label;
> SET sepgsql.client_label = 'alice_t';
>
> ...and that's bad.

Hmm, yes, this is a problem. Reading the original post better, it is also
not the intended behaviour to support repeatable client_label switches.
"However, single-directed domain transition from bigger-privileges to
smaller-privileged domain by users' operation is also supported on
operating system, and useful feature to restrict applications capability
at beginning of the session."
--
Yeb Havinga
http://www.mgrid.net/
Mastering Medical Data
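
Added example, not part of the original message and not sepgsql code: a small Python model of the two semantics discussed in this thread, a resettable label versus a one-way transition, replaying the pooler/client sequence quoted above. The `pooler_t` domain, the transition table and all class and function names are assumptions made for illustration.

```python
class TransitionDenied(Exception):
    """Raised when a label change is not permitted."""


# Constructed policy (assumption): the only permitted transitions go from the
# pooler's domain to a less privileged per-user domain, never between users.
ALLOWED = {
    ("pooler_t", "bob_t"),
    ("pooler_t", "alice_t"),
}


class Session:
    def __init__(self, initial, one_way):
        self.initial = initial   # label the connection started with
        self.label = initial     # current label
        self.one_way = one_way   # True: a transition can never be undone

    def set_label(self, new):
        """Model of: SET sepgsql.client_label = '<new>'"""
        if (self.label, new) not in ALLOWED:
            raise TransitionDenied(f"{self.label} -> {new}")
        self.label = new

    def reset_label(self):
        """Model of: RESET sepgsql.client_label"""
        if self.one_way and self.label != self.initial:
            # Restoring the initial label would regain the bigger privileges.
            raise TransitionDenied(f"RESET would restore {self.initial}")
        self.label = self.initial


def label_after_client_attempt(one_way):
    """Pooler confines the session to bob_t, then the client tries the
    RESET + SET sequence from the quoted message. Returns the final label."""
    s = Session("pooler_t", one_way)
    s.set_label("bob_t")            # done by the pooler before hand-off
    try:
        s.reset_label()             # done by the client
        s.set_label("alice_t")
    except TransitionDenied:
        pass                        # the session keeps its current label
    return s.label


if __name__ == "__main__":
    print("resettable:", label_after_client_attempt(one_way=False))
    print("one-way:   ", label_after_client_attempt(one_way=True))
```
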