Re: [HACKERS] proposal: session server side variables
От | Fabien COELHO |
---|---|
Тема | Re: [HACKERS] proposal: session server side variables |
Дата | |
Msg-id | alpine.DEB.2.20.1612261717460.4911@lancre обсуждение исходный текст |
Ответ на | Re: [HACKERS] proposal: session server side variables (Pavel Stehule <pavel.stehule@gmail.com>) |
Ответы |
Re: [HACKERS] proposal: session server side variables
|
Список | pgsql-hackers |
> please, can send link? My badly interpreted PL/SQL example was on the same page you point to below: > so some better documentation > https://docs.oracle.com/cd/E11882_01/appdev.112/e25519/packages.htm#LNPLS99926 There is a private 'number_hired' which given its name I thought was counting the number of employee, but it was just counting the number of "hire_employee" calls in the current session... Not very interesting. > I am sure, so package variables are not shared between sessions/backends Indeed, I misinterpreted the Oracle documentation example. >> [ grantable function example to access a private session variable... ] > > I am sorry, it is not secure. Theoretically it can work if you have > granted order of function calls, but if not? I'm not sure I understand. If you do not grant/revoke permissions as you want on the functions, then it can be invoked by anybody. My point is that it is *possible* to tune permissions so as to control exactly who may access a private session variable. That is exactly the same with a grantable session variable if you do not have done the necessary grant/revoke, there is no difference? -- Fabien.
В списке pgsql-hackers по дате отправления: