From: | Bruce Momjian <bruce(at)momjian(dot)us> |
---|---|
To: | Magnus Hagander <magnus(at)hagander(dot)net> |
Cc: | sys-milan(at)statpro(dot)com, pgsql-bugs <pgsql-bugs(at)postgresql(dot)org> |
Subject: | Re: BUG #9136: pg_is_xlog_replay_paused() should not need Superuser |
Date: | 2014-04-18 14:53:23 |
Message-ID: | 20140418145323.GB28349@momjian.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-bugs |
On Fri, Apr 18, 2014 at 03:11:44PM +0200, Magnus Hagander wrote:
> Is this correct? Do we have proper super-user restrictions on all the
> right fields now?
>
>
> I'm not sure what the security problem would be for allowing non-superusers to
> run pg_is_xlog_replay_paused(). And if there are none, there is no reason why
> the function should be restricted like that.
>
> Also, looking at that specific documentation page, ISTM it needs a better way
> to show which functions actually *do* require superuser privileges. In some
> groups it states which do require it, and in some where it doesn't. Perhaps we
> should add a column to each of the tables with a yes/no value indicating if
> superuser is required for that specific function? Or at least have every table
> be prefixed by a statement saying which require superuser.
Well, right now we seem to have an inconsistent setup that is being
complained about regularly. Who can review it all and make a
recommendation? Should we just hold all this for 9.5?
--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ Everyone has their own god. +
From | Date | Subject | |
---|---|---|---|
Next Message | fburgess | 2014-04-18 15:24:52 | Re: Having trouble configuring a Master with multiple standby Servers in PostgreSQL 9.3.3 |
Previous Message | Magnus Hagander | 2014-04-18 13:51:36 | Re: BUG #9818: LDAP Authentication subtree problem |