Re: POC: enable logical decoding when wal_level = 'replica' without a server restart

Amit Kapila <amit.kapila16@gmail.com>

From: Amit Kapila <amit.kapila16@gmail.com>
To: Masahiko Sawada <sawada.mshk@gmail.com>
Cc: Andres Freund <andres@anarazel.de>, Matthias van de Meent <boekewurm+postgres@gmail.com>, Peter Smith <smithpb2250@gmail.com>, shveta malik <shveta.malik@gmail.com>, "Hayato Kuroda (Fujitsu)" <kuroda.hayato@fujitsu.com>, Ashutosh Bapat <ashutosh.bapat.oss@gmail.com>, Shlok Kyal <shlok.kyal.oss@gmail.com>, Bertrand Drouvot <bertranddrouvot.pg@gmail.com>, PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2026-05-29T03:17:13Z
Lists: pgsql-hackers
On Wed, May 27, 2026 at 5:39 PM Masahiko Sawada <sawada.mshk@gmail.com> wrote:
>
> I noticed that this point still remains as an open item for PG19.
>
> I agree with the points Andres and Amit made: the REPLICATION
> privilege already grants very powerful capabilities, including the
> ability to read all data via physical streaming and to hold back
> horizons. A user trusted with REPLICATION is already trusted enough
> that allowing them to create a logical slot does not represent a
> fundamentally new class of risk.
>
> As Andres pointed out, any user with more than the bare minimum of
> permissions can cause arbitrarily high WAL volume in hard-to-identify
> ways. If the concern is about detecting and responding to unexpected
> overhead the better path would be improving monitoring infrastructure
> (e.g. per-session or per-user WAL tracking) rather than restricting
> logical slot creation itself. And we already have backend-level WAL
> statistics. Since there have been no further objections since then,
> I'd like to propose closing this open item as "Non-bugs".
>

+1.

-- 
With Regards,
Amit Kapila.