Re: pg_stat_replication security
Magnus Hagander <magnus@hagander.net>
From: Magnus Hagander <magnus@hagander.net>
To: Itagaki Takahiro <itagaki.takahiro@gmail.com>
Cc: Josh Berkus <josh@agliodbs.com>, PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2011-01-17T12:14:37Z
Lists: pgsql-hackers
On Mon, Jan 17, 2011 at 12:11, Itagaki Takahiro <itagaki.takahiro@gmail.com> wrote: > On Mon, Jan 17, 2011 at 19:51, Magnus Hagander <magnus@hagander.net> wrote: >> Here's a patch that limits it to superuser only. We can't easily match >> it to the user of the session given the way the walsender data is >> returned - it doesn't contain the user information. But limiting it to >> superuser only seems perfectly reasonable and in line with the >> encouragement not to use the replication user for login. >> >> Objections? > > It hides all fields in pg_stat_wal_senders(). Instead, can we just > revoke usage of the function and view? Or, do we have some plans > to add fields which normal users can see? Yes, for consistency with pg_stat_activity. We let all users see which other sessions are there, but not what they're doing - seems reasonable to have the same definitions for replication sessions as other sessions. -- Magnus Hagander Me: http://www.hagander.net/ Work: http://www.redpill-linpro.com/