What kind of security restrictions do we want for prepared transactions?
Who has the right to finish a transaction that was started by user A? At
least the original user, I suppose, but who else?
Under what account is the transaction manager typically going to run? A
separate TM account
Heikki Linnakangas [EMAIL PROTECTED] writes:
What kind of security restrictions do we want for prepared transactions?
Who has the right to finish a transaction that was started by user A? At
least the original user, I suppose, but who else?
I would say the original user, any superuser, and
Heikki Linnakangas wrote:
What kind of security restrictions do we want for prepared transactions?
Who has the right to finish a transaction that was started by user A? At
least the original user, I suppose, but who else?
Under what account is the transaction manager typically going to run? A
On Wed, Oct 13, 2004 at 11:58:21PM +0700, David Garamond wrote:
Heikki Linnakangas wrote:
Another approach I've been thinking about is to allow anyone that knows
the (user-supplied) global transaction identifier to finish the
transaction, and hide the gids of running transactions from
Heikki Linnakangas wrote:
What kind of security restrictions do we want for prepared
transactions? Who has the right to finish a transaction that was
started by user A? At least the original user, I suppose, but who
else?
Do we not require transaction initiation and conclusion to happen in
On Wed, 13 Oct 2004, Peter Eisentraut wrote:
Heikki Linnakangas wrote:
What kind of security restrictions do we want for prepared
transactions? Who has the right to finish a transaction that was
started by user A? At least the original user, I suppose, but who
else?
Do we not require transaction
Heikki Linnakangas wrote:
Another approach I've been thinking about is to allow anyone that knows
the (user-supplied) global transaction identifier to finish the
transaction, and hide the gids of running transactions from regular
users. That way, the gid acts as a secret token that's only known
Heikki,
Another approach I've been thinking about is to allow anyone that knows
the (user-supplied) global transaction identifier to finish the
transaction, and hide the gids of running transactions from regular users.
That way, the gid acts as a secret token that's only known by the
Alvaro Herrera wrote:
Another approach I've been thinking about is to allow anyone that knows
the (user-supplied) global transaction identifier to finish the
transaction, and hide the gids of running transactions from regular
users. That way, the gid acts as a secret token that's only known by
David Garamond wrote:
So it is possible for a user connected to the DB to send random commit
or cancel commands, just in case she happens to hit a valid GID?
It is not essentially different from someone trying to bruteforce a
password. A 128bit value like a random GUID is as strong as a 16 char
10 matches
Mail list logo
