On Tue, Mar 27, 2012 at 1:30 PM, Andrew Dunstan <and...@dunslane.net> wrote:
>> Well, that does sort of leave an arguable vulnerability. Should the
>> same user only be allowed to kill the process from a connection to
>> the same database?
>>
>
> It might be a reasonable restriction in theory, but I doubt it's much of a
> security gain.

If this restriction makes anyone feel better, it doesn't bother/change anything for me in the slightest (for both terminate and cancel), and that way no interesting pg_hba.conf trickery will be broken, as far as I can see.

--
fdr

--
Sent via pgsql-hackers mailing list (email@example.com)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers