Re: restrict pg_stat_ssl to superuser?

From: Michael Paquier <michael(at)paquier(dot)xyz>
To: Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>
Cc: pgsql-hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: restrict pg_stat_ssl to superuser?
Date: 2019-02-12 06:40:07
Message-ID: 20190212064007.GN1475@paquier.xyz
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On Thu, Feb 07, 2019 at 09:30:38AM +0100, Peter Eisentraut wrote:
> If so, is there anything in that view that should be made available to
> non-superusers? If not, then we could perhaps do this via a simple
> permission change instead of going the route of blanking out individual
> columns.

Hm. It looks sensible to move to a per-permission approach for that
view. Now, pg_stat_get_activity() is not really actually restricted,
and would still return the information on direct calls, so the idea
would be to split the SSL-related data into its own function?
--
Michael

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Amit Langote 2019-02-12 06:41:15 Re: speeding up planning with partitions
Previous Message Tsunakawa, Takayuki 2019-02-12 06:33:00 Speed up transaction completion faster after many relations are accessed in a transaction