From: | Stephen Frost <sfrost(at)snowman(dot)net> |
---|---|
To: | "Bossart, Nathan" <bossartn(at)amazon(dot)com> |
Cc: | Bharath Rupireddy <bharath(dot)rupireddyforpostgres(at)gmail(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
Subject: | Re: should we allow users with a predefined role to access pg_backend_memory_contexts view and pg_log_backend_memory_contexts function? |
Date: | 2021-10-13 00:33:19 |
Message-ID: | CAOuzzgqNr=wzuxd9Tv50OmR5kRyMqNMQ06aeu6-tZi6HYKxxrg@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Greetings,
On Tue, Oct 12, 2021 at 20:26 Bossart, Nathan <bossartn(at)amazon(dot)com> wrote:
> On 10/9/21, 2:12 AM, "Bharath Rupireddy" <
> bharath(dot)rupireddyforpostgres(at)gmail(dot)com> wrote:
> > Here's the v1, please review it further.
>
> Thanks for the patch.
>
> - /* Only allow superusers to log memory contexts. */
> - if (!superuser())
> + /*
> + * Only superusers or members of pg_read_all_stats can log memory
> contexts.
> + */
> + if (!is_member_of_role(GetUserId(), ROLE_PG_READ_ALL_STATS))
>
> I personally think pg_log_backend_memory_contexts() should remain
> restricted to superusers since it directly impacts the server log.
> However, if we really did want to open it up to others, couldn't we
> add GRANT/REVOKE statements in system_functions.sql and remove the
> hard-coded superuser check? I think that provides a bit more
> flexibility (e.g., permission to execute it can be granted to others
> without giving them pg_read_all_stats).
I would think we would do both…. That is- move to using GRANT/REVOKE, and
then just include a GRANT to pg_read_all_stats.
Or not. I can see the argument that, because it just goes into the log,
that it doesn’t make sense to grant to a predefined role, since that role
wouldn’t be able to see the results even if it had access.
Thanks,
Stephen
>
From | Date | Subject | |
---|---|---|---|
Next Message | Andres Freund | 2021-10-13 01:03:04 | Re: [RFC] building postgres with meson |
Previous Message | Vik Fearing | 2021-10-13 00:30:09 | Re: BUG #17220: ALTER INDEX ALTER COLUMN SET (..) with an optionless opclass makes index and table unusable |