| From: | John R Pierce <pierce(at)hogranch(dot)com> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Failing to known state |
| Date: | 2016-01-06 00:32:06 |
| Message-ID: | 568C6086.5070303@hogranch.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 1/5/2016 4:12 PM, oleg yusim wrote:
> I meant a scenario, when user is trying to connect to database
> (doesn't matter what interface) and database fails at this moment. If
> all authentication/authorization/validation functions are written to
> return false in case of abnormal termination, we are fine. If not, we
> can potentially encounter the situation when database fails into state
> where user is given greater privileges than he/she should or even
> authenticated, when he/she shouldn't.
if the postgres server processes terminate for any reason, there's
nothing to connect to. the client application will get a error like
'connection refused' back from the connection attempt, or if it was
already connected and the server aborts, the next query will return an
error like CONNECTION_BAD. there's no possible privilege elevation.
--
john r pierce, recycling bits in santa cruz
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Adrian Klaver | 2016-01-06 00:34:28 | Re: [SQL] plv8 installation problem |
| Previous Message | Scott Marlowe | 2016-01-06 00:32:03 | Re: Code of Conduct: Is it time? |