Re: POC: enable logical decoding when wal_level = 'replica' without a server restart
Amit Kapila <amit.kapila16@gmail.com>
From: Amit Kapila <amit.kapila16@gmail.com>
To: Masahiko Sawada <sawada.mshk@gmail.com>
Cc: Andres Freund <andres@anarazel.de>, Matthias van de Meent <boekewurm+postgres@gmail.com>,
Peter Smith <smithpb2250@gmail.com>, shveta malik <shveta.malik@gmail.com>, "Hayato Kuroda (Fujitsu)" <kuroda.hayato@fujitsu.com>,
Ashutosh Bapat <ashutosh.bapat.oss@gmail.com>, Shlok Kyal <shlok.kyal.oss@gmail.com>,
Bertrand Drouvot <bertranddrouvot.pg@gmail.com>, PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2026-05-29T03:17:13Z
Lists: pgsql-hackers
On Wed, May 27, 2026 at 5:39 PM Masahiko Sawada <sawada.mshk@gmail.com> wrote: > > I noticed that this point still remains as an open item for PG19. > > I agree with the points Andres and Amit made: the REPLICATION > privilege already grants very powerful capabilities, including the > ability to read all data via physical streaming and to hold back > horizons. A user trusted with REPLICATION is already trusted enough > that allowing them to create a logical slot does not represent a > fundamentally new class of risk. > > As Andres pointed out, any user with more than the bare minimum of > permissions can cause arbitrarily high WAL volume in hard-to-identify > ways. If the concern is about detecting and responding to unexpected > overhead the better path would be improving monitoring infrastructure > (e.g. per-session or per-user WAL tracking) rather than restricting > logical slot creation itself. And we already have backend-level WAL > statistics. Since there have been no further objections since then, > I'd like to propose closing this open item as "Non-bugs". > +1. -- With Regards, Amit Kapila.