On Tue, Mar 27, 2012 at 1:30 PM, Andrew Dunstan <and...@dunslane.net> wrote:
>> Well, that does sort of leave an arguable vulnerability.  Should the
>> same user only be allowed to kill the process from a connection to
>> the same database?
> It might be a reasonable restriction in theory, but I doubt it's much of a
> security gain.

If this restriction makes anyone feel better, it doesn't bother/change
anything for me in the slightest (for both  terminate and cancel), and
that way no interesting pg_hba.conf trickery will be broken, as far as
I can see.


Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:

Reply via email to