Re: Allow pg_signal_backend members to use pg_log_backend_memory_stats().

Jeff Davis <pgsql@j-davis.com>

From: Jeff Davis <pgsql@j-davis.com>
To: Andres Freund <andres@anarazel.de>
Cc: Michael Paquier <michael@paquier.xyz>, Kyotaro Horiguchi <horikyota.ntt@gmail.com>, bossartn@amazon.com, pgsql-hackers@postgresql.org
Date: 2021-10-25T23:28:13Z
Lists: pgsql-hackers
On Mon, 2021-10-25 at 14:30 -0700, Andres Freund wrote:
> I don't get the reasoning behind the "except ..." logic. What does
> this
> actually protect against? A reasonable use case for this feature is
> is to
> monitor memory usage of all backends, and this restriction practially
> requires
> to still use a security definer function.

Nathan brought it up -- more as a question than a request, so perhaps
it's not necessary. I don't have a strong opinion about it, but I
included it to be conservative (easier to relax a privilege than to
tighten one).

I can cut out the in-function check entirely if there's no objection.

Regards,
	Jeff Davis

[1] https://postgr.es/m/33F34F0C-BB16-48DE-B125-95D340A54AE8@amazon.com




Commits

  1. Allow GRANT on pg_log_backend_memory_contexts().