Search Postgresql Archives

Re: Disallow SET command in a postgresql server

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

My grant/revoke architecture is fine, you mean about costly cpu/ram queries?


2013/4/9 Tom Lane <tgl@xxxxxxxxxxxxx>
Fabio Rueda Carrascosa <avances123@xxxxxxxxx> writes:
> Im planning to publish my postgresql server to a few untrusted clients.
> I dont want them to modify any runtime setting, like work_mem or something
> risky to my server. In general I assume the pg_catalog schema is public but
> I don't want to allow updating pg_settings at all.

If you're allowing untrustworthy users to execute arbitrary SQL,
preventing them from using SET would not make very much difference
in how much trouble they can cause.  You're wasting your time worrying
about this.

                        regards, tom lane

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux