On Fri, Jul 01, 2011 at 07:31:30PM +0200, Torello Querci wrote:
> 2011/6/2 Noah Misch :
> > Having thought about this some more, I do now see a risk. ?Currently, a
> > SECURITY
> > DEFINER function (actually any function, but that's where it matters) can
> > trap
> > query_canceled. ?By doing so
On Wed, Jun 01, 2011 at 10:26:34PM -0400, Josh Kupershmidt wrote:
> On Wed, Jun 1, 2011 at 5:55 PM, Noah Misch wrote:
> > On Sun, May 29, 2011 at 10:56:02AM -0400, Josh Kupershmidt wrote:
> >> Looking around, I see there were real problems[1] with sending SIGTERM
> >> to individual backends back i
On Sun, May 29, 2011 at 10:56:02AM -0400, Josh Kupershmidt wrote:
> On Sun, May 29, 2011 at 5:04 AM, Noah Misch wrote:
> > What risks arise from unconditionally allowing these calls for the same
> > user's
> > backends? ?`pg_cancel_backend' ought to be safe enough; the user always has
> > access
On Sat, May 28, 2011 at 01:44:20PM -0400, Josh Kupershmidt wrote:
> Anssi and I posted some initial feedback on the patch's goals earlier.
> I would like to ultimately see users have the capability to
> pg_cancel_backend() their own queries. But I could at least conceive
> of others not wanting thi
