From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | "Euler Taveira" <euler(at)eulerto(dot)com> |
Cc: | pgsql-hackers(at)lists(dot)postgresql(dot)org |
Subject: | Re: missing GRANT on pg_subscription columns |
Date: | 2021-06-03 17:09:16 |
Message-ID: | 3561.1622740156@sss.pgh.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
"Euler Taveira" <euler(at)eulerto(dot)com> writes:
> I was checking the GRANT on pg_subscription and noticed that the command is not
> correct. There is a comment that says "All columns of pg_subscription except
> subconninfo are readable". However, there are columns that aren't included: oid
> and subsynccommit. It seems an oversight in the commits 6f236e1eb8c and
> 887227a1cc8.
Ugh.
> There are monitoring tools and data collectors that aren't using a
> superuser to read catalog information (I usually recommend using pg_monitor).
> Hence, you cannot join pg_subscription with relations such as
> pg_subscription_rel or pg_stat_subscription because column oid has no
> column-level privilege. I'm attaching a patch to fix it (indeed, 2 patches
> because of additional columns for v14). We should add instructions in the minor
> version release notes too.
I agree with fixing this in HEAD. But given that this has been wrong
since v10 with zero previous complaints, I doubt that it is worth the
complication of trying to do something about it in the back branches.
Maybe we could just adjust the docs there, instead.
regards, tom lane
From | Date | Subject | |
---|---|---|---|
Next Message | Arne Roland | 2021-06-03 17:17:55 | Re: PATCH: generate fractional cheapest paths in generate_orderedappend_path |
Previous Message | Jeff Davis | 2021-06-03 16:38:24 | Re: Decoding of two-phase xacts missing from CREATE_REPLICATION_SLOT command |