> Please explain more precisely what is wrong with SET SESSION
> AUTHORIZATION / SET ROLE.
1) Session GUCS do not change with a SET ROLE (this is a TODO I haven't
had any time to work on)
2) Users can always issue their own SET ROLE and then "hack into" other
users' data.
--
-- Josh Berkus
PostgreSQL Experts Inc.
http://www.pgexperts.com