| From: | "Guy Rouillier" <guyr(at)masergy(dot)com> |
|---|---|
| To: | "PostgreSQL General" <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Scheduler in Postgres |
| Date: | 2004-12-20 17:53:50 |
| Message-ID: | CC1CF380F4D70844B01D45982E671B2348E4DB@mtxexch01.add0.masergy.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Tom Lane wrote:
> Christopher Browne <cbbrowne(at)acm(dot)org> writes:
>> Centuries ago, Nostradamus foresaw when decibel(at)decibel(dot)org ("Jim C.
>> Nasby") would write:
>>> In PostgreSQL, there's currently no way to assume the identity of
>>> another user.
>
>> I'm confused at that...
>
>> There seem to be ways at time of connection establishment, whether
>> via the psql "-U" option, or the PGconnect "dbuser=foo" option, or
>> during a psql session via "\c - newuser".
>
> Not to mention SET SESSION AUTHORIZATION.
Chris, all the options you mention require the entry of a password, or
for SET SESSION AUTHORIZATION, that the original connection was made by
a superuser (which in turn would have required entry of a password.)
It's possible to circumvent this with trust authentication, but the
PostgreSQL documentation recommends against general use of trust
authentication (and I agree with that recommendation in a production
environment.)
As described in other messages in this thread, putting a scheduler in
the database would allow authentication to be done at the time the job
is set up, and then the job to be run without reauthorization.
--
Guy Rouillier
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2004-12-20 18:24:47 | Re: Scheduler in Postgres |
| Previous Message | Michael Fuhr | 2004-12-20 17:36:36 | Re: A "cascade on delete" constraints deletes AFTER the source is gone?? |