| From: | Michael Paquier <michael(at)paquier(dot)xyz> |
|---|---|
| To: | Nathan Bossart <nathandbossart(at)gmail(dot)com> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Kirill Reshke <reshkekirill(at)gmail(dot)com>, jian he <jian(dot)universality(at)gmail(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: pageinspect some function no need superuser priv |
| Date: | 2025-10-15 01:17:24 |
| Message-ID: | aO72JFdrrM3Wnf49@paquier.xyz |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, Oct 14, 2025 at 10:51:51AM -0500, Nathan Bossart wrote:
> On Tue, Oct 14, 2025 at 10:29:39AM -0400, Tom Lane wrote:
>> Yeah, I do not think it follows that being table owner should
>> entitle you to such low-level access. I'm inclined to reject
>> this proposal.
>
> -1 here, too. IMHO all of pageinspect should remain superuser-only since
> it is meant for development/debugging. The proposal doesn't describe a
> use-case for the relaxed privileges, either.
Same. We've always wanted this module to be superuser-only, with
superuser hardcoded checks and not even execution ACLs.
--
Michael
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Xuneng Zhou | 2025-10-15 01:24:47 | Re: pgstattuple: Use streaming read API in pgstatindex functions |
| Previous Message | Masahiko Sawada | 2025-10-15 00:41:52 | Re: pg_createsubscriber - more logging to say if there are no pubs to drop |