Re: pgsql: Keep pg_stat_statements' query texts in a file, not in shared me

(2014/01/28 10:15), Peter Geoghegan wrote:
> On Mon, Jan 27, 2014 at 5:12 PM, KONDO Mitsumasa
> <kondo(dot)mitsumasa(at)lab(dot)ntt(dot)co(dot)jp> wrote:
>> This patch has security problem that root can easily see the statement file
>> in database cluster.
>
> By default, we always serialize statements along with their query
> texts to disk on shutdown. Until May of 2012, pg_stat_statements
> didn't bother unlinking on startup, and so the file with query texts
> was always on the PGDATA filesystem. What's the difference?
It is written in documents; "For security reasons, non-superusers are not allowed
to see the text of queries executed by other users." Is root user superuser? And
initdb user might change to non-superuser after creating database cluster. In
japan, database operation user isn't always database admin. Because database
admin's salary is expensive than system operator's.

I test pg_stat_statement in PG9.1.0 that is released at 08/09/2011. But I cannot
see pg_stat_statement query at external text.. Can you tell me where is it?
I think it is in database file and is protected by postgres authority.

Regards,
--
Mitsumasa KONDO
NTT Open Source Software Center