Re: Fix column privileges for pg_subscription.subwalrcvtimeout

On Mon, Jun 1, 2026 at 10:44 PM Nisha Moond <nisha(dot)moond412(at)gmail(dot)com> wrote:
>
> Hi Hackers,
>
> IIUC, all columns of pg_subscription, except subconninfo, are intended
> to be readable by non-superusers as well. A comment in
> system_views.sql also states:
> "-- All columns of pg_subscription except subconninfo are publicly readable."
>
> However, 'subwalrcvtimeout' is currently not accessible:
> Test:
> postgres=# CREATE ROLE nisha LOGIN PASSWORD 'testpass';
> CREATE ROLE
> postgres=# SET SESSION AUTHORIZATION nisha;
> SET
> postgres=> select subwalrcvtimeout from pg_subscription;
> ERROR: permission denied for table pg_subscription
>
> It appears the column-level privileges for pg_subscription were not
> updated when subwalrcvtimeout was added.
>
> Attached is a small fix patch to grant public access to this column,
> consistent with the existing behavior of the other pg_subscription
> columns.

Thanks for the report and the patch! It looks good to me.

Barring any objections, I'll commit it. For my own reference, since this
changes the catalog, I'll need to update the catalog version when committing.

BTW, should we add a regression test for column privileges on pg_subscription
to help catch similar issues in the future? For example, the test could verify
that subconninfo remains unreadable to non-superusers, while all other existing
columns remain publicly readable. That would make it easier to detect omissions
when new columns are added to pg_subscription. For example,

SELECT count(*) = 0 AS ok
FROM pg_attribute
WHERE attrelid = 'pg_catalog.pg_subscription'::regclass
AND attnum > 0
AND NOT attisdropped
AND ((attname = 'subconninfo'
AND has_column_privilege('regress_subscription_user_dummy',
'pg_catalog.pg_subscription',
attname,
'SELECT'))
OR (attname <> 'subconninfo'
AND NOT
has_column_privilege('regress_subscription_user_dummy',
'pg_catalog.pg_subscription',
attname,
'SELECT')));

Regards,

--
Fujii Masao