=?windows-1252?Q?Jos=E9_Luis_Tall=F3n?= <jltal...@adv-solutions.net> writes: > On the other hand, ISTM that what we all intend to achieve is some > Postgres equivalent of the SUID bit... so why not just do something > equivalent? > ------- > LOGIN -- as user with the appropriate role membership / privilege? > ... > SET ROLE / SET SESSION AUTHORIZATION WITH COOKIE / IMPERSONATE
> ... do whatever ... -- unprivileged user can NOT do the > "impersonate" thing > DISCARD ALL -- implicitly restore previous authz > ------- Oh? What stops the unprivileged user from doing DISCARD ALL? I think if we have something like this, it has to be non-resettable period: you can't get back the old session ID except by reconnecting and re-authorizing. Otherwise there's just too much risk of security holes. regards, tom lane -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers