On Tue, Mar 27, 2012 at 11:04, Noah Misch <n...@leadboat.com> wrote: > On Mon, Mar 26, 2012 at 07:53:25PM -0400, Robert Haas wrote: >> I think the more important question is a policy question: do we want >> it to work like this? It seems like a policy question that ought to >> be left to the DBA, but we have no policy management framework for >> DBAs to configure what they do or do not wish to allow. Still, if >> we've decided it's OK to allow cancelling, I don't see any real reason >> why this should be treated differently. > > The DBA can customize policy by revoking public execute permissions on > pg_catalog.pg_terminate_backend and interposing a security definer function > implementing his checks. For the population who will want something different > here, that's adequate.
Well, by that argument, we can keep pg_terminate_backend superuser only and have the user wrap a security definer function around it to *get* it, no? -- Magnus Hagander Me: http://www.hagander.net/ Work: http://www.redpill-linpro.com/ -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers