Re: should we allow users with a predefined role to access pg_backend_memory_contexts view and pg_log_backend_memory_contexts function?
| От | Stephen Frost |
|---|---|
| Тема | Re: should we allow users with a predefined role to access pg_backend_memory_contexts view and pg_log_backend_memory_contexts function? |
| Дата | |
| Msg-id | CAOuzzgqNr=wzuxd9Tv50OmR5kRyMqNMQ06aeu6-tZi6HYKxxrg@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: should we allow users with a predefined role to access pg_backend_memory_contexts view and pg_log_backend_memory_contexts function? ("Bossart, Nathan" <bossartn@amazon.com>) |
| Ответы |
Re: should we allow users with a predefined role to access pg_backend_memory_contexts view and pg_log_backend_memory_contexts function?gr
Re: should we allow users with a predefined role to access pg_backend_memory_contexts view and pg_log_backend_memory_contexts function? |
| Список | pgsql-hackers |
Greetings,
On Tue, Oct 12, 2021 at 20:26 Bossart, Nathan <bossartn@amazon.com> wrote:
On 10/9/21, 2:12 AM, "Bharath Rupireddy" <bharath.rupireddyforpostgres@gmail.com> wrote:
> Here's the v1, please review it further.
Thanks for the patch.
- /* Only allow superusers to log memory contexts. */
- if (!superuser())
+ /*
+ * Only superusers or members of pg_read_all_stats can log memory contexts.
+ */
+ if (!is_member_of_role(GetUserId(), ROLE_PG_READ_ALL_STATS))
I personally think pg_log_backend_memory_contexts() should remain
restricted to superusers since it directly impacts the server log.
However, if we really did want to open it up to others, couldn't we
add GRANT/REVOKE statements in system_functions.sql and remove the
hard-coded superuser check? I think that provides a bit more
flexibility (e.g., permission to execute it can be granted to others
without giving them pg_read_all_stats).
I would think we would do both…. That is- move to using GRANT/REVOKE, and then just include a GRANT to pg_read_all_stats.
Or not. I can see the argument that, because it just goes into the log, that it doesn’t make sense to grant to a predefined role, since that role wouldn’t be able to see the results even if it had access.
Thanks,
Stephen
В списке pgsql-hackers по дате отправления: