Re: pg_terminate_backend for same-role

Tom Lane <tgl@sss.pgh.pa.us>

From: Tom Lane <tgl@sss.pgh.pa.us>
To: Daniel Farina <daniel@heroku.com>
Cc: Fujii Masao <masao.fujii@gmail.com>, pgsql-hackers <pgsql-hackers@postgresql.org>
Date: 2012-03-16T05:33:45Z
Lists: pgsql-hackers
Daniel Farina <daniel@heroku.com> writes:
> The way MyCancelKey is checked now is backwards, in my mind.  It seems
> like it would be better checked by the receiving PID (one can use a
> check/recheck also, if so inclined).  Is there a large caveat to that?

You mean, other than the fact that kill(2) can't transmit such a key?

But actually I don't see what you hope to gain from such a change,
even if it can be made to work.  Anyone who can do kill(SIGINT) can
do kill(SIGKILL), say --- so you have to be able to trust the signal
sender.  What's the point of not trusting it to verify the client
identity?

			regards, tom lane