Re: Fwd: A million users
| От | walther@technowledgy.de |
|---|---|
| Тема | Re: Fwd: A million users |
| Дата | |
| Msg-id | c607b5e4-93c9-4c3d-9a1c-e3210ab91fb8@technowledgy.de обсуждение исходный текст |
| Ответ на | Re: Fwd: A million users (Eric Hanson <eric@aquameta.com>) |
| Ответы |
Re: Fwd: A million users
|
| Список | pgsql-general |
Eric Hanson: > Did you find some way to prevent RESET ROLE? I once advocated for a NO > RESET option on SET ROLE [1] so that RESET ROLE would be impossible for > the rest of the session. Still think it would be helpful. Yeah, this is still on my list of things to research more about eventually - currently still unsolved. For my use-case the NO RESET would need to apply until the end of the transaction, not end of the session. I imagine something like an extension, that would: - block any SET SESSION ROLE - block any RESET ROLE - only allow SET LOCAL ROLE when CURRENT_USER has the right to do so Then the effect of SET LOCAL ROLE would still be reversed at the end of the transaction, but you could never "escape" a SET LOCAL ROLE that was set earlier. Best, Wolfgang
В списке pgsql-general по дате отправления: