Quick Links

Re: system variable can be edited by all user?

From:	Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at>
To:	chris navarroza <canavarroza(dot)work(at)gmail(dot)com>, pgsql-general(at)postgresql(dot)org
Subject:	Re: system variable can be edited by all user?
Date:	2022-11-22 08:43:04
Message-ID:	41929232f76a097959fff8e189515ba86b94ccce.camel@cybertec.at
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-general

On Tue, 2022-11-22 at 14:25 +0800, chris navarroza wrote:
> Ive created a read only user (SELECT PRIVILEGE) but it turns out that this user
> can do this queries: SHOW work_mem; SET work_mem='40MB'; How do I limit him?

We call these "configuration parameters", and there is no way you can prevent
a database user from changing them for her session. The recommendation is not
to give untrustworthy users access to directly run SQL statements on the database.

Yours,
Laurenz Albe

In response to

system variable can be edited by all user? at 2022-11-22 06:25:31 from chris navarroza

Browse pgsql-general by date

	From	Date	Subject
Next Message	Alastair McKinley	2022-11-22 14:23:16	copying json data and backslashes
Previous Message	chris navarroza	2022-11-22 06:25:31	system variable can be edited by all user?