Search Postgresql Archives

Re: Security Issues: Allowing Clients to Execute SQL in the Backend.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

They don't apply server-wide. They apply to that user's session:

http://www.postgresql.org/docs/8.4/interactive/sql-set.html

Geoff


On Wed, Apr 30, 2014 at 6:19 AM, Hello World <worldanizer@xxxxxxxxx> wrote:

SET statement_timeout=0;
SET work_mem=1024GB;

I just realized about the SET command.

Isn't it weird that any user can set parameters such as this that will apply server wide? to all future sessions?

I noticed that some of the parameters can only be set by superusers, and some require re-start, but still. Anybody can re-configure the server..... ??

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux