On 6/14/17 10:05, Surafel Temesgen wrote: > PGC_POSTMASTER implies that it's an instance-wide setting. > Is is intentional? I can understand that it's more secure for this > not to > be changeable in an existing session, but it's also much less usable > if you > can't set it per-database and per-user. > Maybe it should be PGC_SUSET ? > > It’s my misunderstanding I thought PGC_POSTMASTER set only by > superuser and changed with a hard restart > > I attach a patch that incorporate the comments and uses similar routines > with the rest of the file rather than using command tag
After reviewing the discussion, I'm inclined to reject this patch. Several people have spoken out strongly against this patch. It's clear that this feature wouldn't actually offer any absolute protection; it just closes one particular hole. On the other hand, it introduces a maintenance and management burden. We already have libpq APIs that offer a more comprehensive protection against SQL injection, so we can encourage users to use those, instead of relying on uncertain measures such as this. -- Peter Eisentraut http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
