"Greg Sabino Mullane" <greg@xxxxxxxxxxxx> writes: > Quick idea to toss out there: allowing an option to LISTEN to > only 'hear' from superusers (or self). This seems like a pretty bad idea from a security policy standpoint, in that it would encourage use of superuser state to run ordinary applications. > I've got an app that uses a lot > of listen/notify to talk to other subprocesses. However, it > would be nice if non-superusers could not affect the behavior > of this application: right now, anyone can issue a NOTIFY. Anyone connected to the same database, yes. Can't you just restrict use of the database to trustworthy apps? regards, tom lane -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
