Robert Haas <robertmh...@gmail.com> writes: > On Fri, Dec 16, 2011 at 1:21 AM, Greg Smith <g...@2ndquadrant.com> wrote: >> ... If you assume someone can run through all the >> PIDs between those checks and the kill, the system is already broken that >> way.
> From a theoretical point of view, I believe it to be slightly > different. If a superuser sends a kill, they will certainly be > authorized to kill whatever they end up killing, because they are > authorized to kill anything. On the other hand, the proposed patch > would potentially result - in the extremely unlikely event of a > super-fast PID wraparound - in someone cancelling a query they > otherwise wouldn't have been able to cancel. > In practice, the chances of this seem fairly remote. I think this argument is bogus: if this is a real issue, then no use of kill() anytime, by anyone, is safe. In practice I believe that Unix systems avoid recycling PIDs right away so as to offer some protection. regards, tom lane -- Sent via pgsql-hackers mailing list (email@example.com) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers