On Thu, Oct 26, 2017 at 09:21:24AM +0200, Pavel Stehule wrote: > Comments, notes?
I like it. I would further like to move all of postgresql.conf into the database, as much as possible, as well as pg_ident.conf and pg_hba.conf. Variables like current_user have a sort of nesting context functionality: calling a SECURITY DEFINER function "pushes" a new value onto current_user, then when the function returns the new value of current_user is "popped" and the previous value restored. It might be nice to be able to generalize this. Questions that then arise: - can one see up the stack? - are there permissions issues with seeing up the stack? I recently posted proposing a feature such that SECURITY DEFINER functions could observe the _caller_'s current_user. Nico -- -- Sent via pgsql-hackers mailing list ([email protected]) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
