From: | Magnus Hagander <magnus(at)hagander(dot)net> |
---|---|
To: | Itagaki Takahiro <itagaki(dot)takahiro(at)gmail(dot)com> |
Cc: | Josh Berkus <josh(at)agliodbs(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: pg_stat_replication security |
Date: | 2011-01-17 12:14:37 |
Message-ID: | AANLkTikTB=sZT=P4R38AO9kuR3tJHFEHFgMoU8nB_X28@mail.gmail.com |
Lists: | pgsql-hackers |

On Mon, Jan 17, 2011 at 12:11, Itagaki Takahiro
<itagaki(dot)takahiro(at)gmail(dot)com> wrote:
> On Mon, Jan 17, 2011 at 19:51, Magnus Hagander <magnus(at)hagander(dot)net> wrote:
>> Here's a patch that limits it to superuser only. We can't easily match
>> it to the user of the session given the way the walsender data is
>> returned - it doesn't contain the user information. But limiting it to
>> superuser only seems perfectly reasonable and in line with the
>> encouragement not to use the replication user for login.
>>
>> Objections?
>
> It hides all fields in pg_stat_wal_senders(). Instead, can we just
> revoke usage of the function and view? Or, do we have some plans
> to add fields which normal users can see?

Yes, for consistency with pg_stat_activity. We let all users see which
other sessions are there, but not what they're doing - seems
reasonable to have the same definitions for replication sessions as
other sessions.
--
Magnus Hagander
Me: http://www.hagander.net/
Work: http://www.redpill-linpro.com/
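
The two options weighed in this message, masking the detail columns versus revoking access outright, sketched in SQL as an added example (it is not the patch from this thread and not PostgreSQL's own implementation). The table, views, role and column names are all hypothetical, and it assumes a superuser running it in a scratch database.

```sql
BEGIN;

-- Constructed stand-in for per-walsender data (hypothetical, not a real catalog).
CREATE TABLE demo_walsenders (
    pid      integer PRIMARY KEY,
    usename  name,
    state    text,
    sent_pos text
);
INSERT INTO demo_walsenders VALUES
    (4242, 'repuser', 'streaming', '0/3000148'),
    (4243, 'repuser', 'catchup',   '0/2FFFF00');

-- Explicit for clarity: the views below are the only intended path to the data.
REVOKE ALL ON demo_walsenders FROM PUBLIC;

-- Option 1, masking: every role gets one row per session, but the detail
-- columns are NULL unless the calling role is a superuser. Which columns
-- stay visible (here only pid) is an assumption of this example.
CREATE VIEW demo_stat_replication_masked AS
SELECT w.pid,
       CASE WHEN su.is_super THEN w.usename  END AS usename,
       CASE WHEN su.is_super THEN w.state    END AS state,
       CASE WHEN su.is_super THEN w.sent_pos END AS sent_pos
FROM demo_walsenders AS w
CROSS JOIN (SELECT rolsuper AS is_super
            FROM pg_roles
            WHERE rolname = current_user) AS su;
GRANT SELECT ON demo_stat_replication_masked TO PUBLIC;

-- Option 2, revoke: unprivileged roles cannot read the view at all, so they
-- cannot even tell that a replication session exists.
CREATE VIEW demo_stat_replication_locked AS
SELECT pid, usename, state, sent_pos FROM demo_walsenders;
REVOKE ALL ON demo_stat_replication_locked FROM PUBLIC;

-- Compare what an unprivileged role gets from each option.
CREATE ROLE demo_reader NOLOGIN;
SELECT has_table_privilege('demo_reader', 'demo_stat_replication_locked', 'SELECT');
SET ROLE demo_reader;
SELECT * FROM demo_stat_replication_masked;
RESET ROLE;
SELECT * FROM demo_stat_replication_masked;

ROLLBACK;  -- leave nothing behind
```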