| From: | Mario Splivalo <mario(dot)splivalo(at)megafon(dot)hr> |
|---|---|
| To: | pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: Giving postgres roles 'sudo'-like access |
| Date: | 2011-12-20 08:14:25 |
| Message-ID: | 4EF043E1.4010808@megafon.hr |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
On 12/19/2011 07:46 PM, Craig James wrote:
> Backend Postgres processes run as the Postgres user, so they have
> permission to kill each other. You write an add-on function that just
> kills a process:
>
> select my_kill_backend(pid);
>
> Naturally, this is very dangerous. There are all sorts of security
> implications. You want to use signal 2 or 15, not 9. And so forth.
That 'my_kill_backend' actually calls kill, not pg_cancel/terminate_backend?
I'm thinking into creating this function, and granting particular role
access to it, and then make sure, in the function, that it can kill only
processes 'owned' by that role.
Mario
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Greg Smith | 2011-12-20 13:49:28 | Re: Giving postgres roles 'sudo'-like access |
| Previous Message | Lukasz Brodziak | 2011-12-19 22:01:13 | Re: information_schema.tables view does not exist |