On Sun, Oct 02, 2011 at 06:55:51AM -0400, Robert Haas wrote: > On Sat, Oct 1, 2011 at 10:11 PM, Euler Taveira de Oliveira > <eu...@timbira.com> wrote: > > On 01-10-2011 17:44, Daniel Farina wrote: > >> On Fri, Sep 30, 2011 at 9:30 PM, Tom Lane<t...@sss.pgh.pa.us> ?wrote: > >>> ISTM it would be reasonably non-controversial to allow users to issue > >>> pg_cancel_backend against other sessions logged in as the same userID. > >>> The question is whether to go further than that, and if so how much. > >> > >> In *every* case -- and there are many -- where we've had people > >> express pain, this would have sufficed.
+1 for allowing that unconditionally. > > I see. What about passing this decision to DBA? I mean a GUC > > can_cancel_session = user, dbowner (default is '' -- only superuser). You > > can select one or both options. This GUC can only be changed by superuser. > > Or how about making it a grantable database-level privilege? I think either is overkill. You can implement any policy by interposing a SECURITY DEFINER wrapper around pg_cancel_backend(). nm -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
