Re: Read access for pg_monitor to pg_replication_origin_status view

From: Martín Marqués <martin(at)2ndquadrant(dot)com>
To: Michael Paquier <michael(at)paquier(dot)xyz>
Cc: PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Read access for pg_monitor to pg_replication_origin_status view
Date: 2020-05-31 15:13:08
Message-ID: CAPdiE1xchn=v3=r9b4FpE=CuDFaQivv+ogQk0NXsbyFY6y4QSA@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Hi Michael,

> Wouldn't it be just better to remove this hardcoded superuser check
> and replace it with equivalent ACLs by default? The trick is to make
> sure that any function calling replorigin_check_prerequisites() has
> its execution correctly revoked from public. See for example
> e79350fe.

Looking at that, it seems a better solution. Let me wrap up a new
patch, likely later today or early tomorrow as it's Sunday ;-)

--
Martín Marqués http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Vik Fearing 2020-05-31 17:20:10 Compatible defaults for LEAD/LAG
Previous Message Andy Fan 2020-05-31 13:24:05 A wrong index choose issue because of inaccurate statistics