On 2012-04-04, leaf_yxj <leaf_...@163.com> wrote: > Hi Aaron: thanks. I tried the security definer. it works well as follows : > > CREATE FUNCTION kill_process(integer) RETURNS boolean AS 'select > pg_cancel_backend($1);' LANGUAGE SQL SECURITY DEFINER; > > ---- One more question about this function : if non-super user get the > execute this function, he/her will have privilege to kill all the processes > which belong to the postgresql process. How can we avoid that happing.
revoke execute on function kill_process(integer) from public; grant execute on function kill_process(integer) to db_admin; assuming db_admin is a role granted to all those who you want to have access, you can instead grans execute to each individual (or some combination of those two) -- ⚂⚃ 100% natural -- Sent via pgsql-general mailing list (pgsql-general@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
