| From: | "Bossart, Nathan" <bossartn(at)amazon(dot)com> |
|---|---|
| To: | Bharath Rupireddy <bharath(dot)rupireddyforpostgres(at)gmail(dot)com>, "Michael Paquier" <michael(at)paquier(dot)xyz> |
| Cc: | Jeff Davis <pgsql(at)j-davis(dot)com>, Kyotaro Horiguchi <horikyota(dot)ntt(at)gmail(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Allow pg_signal_backend members to use pg_log_backend_memory_stats(). |
| Date: | 2021-10-25 16:15:20 |
| Message-ID: | 5B3B3232-14FC-4A90-84BD-4ABA78D2898B@amazon.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 10/25/21, 2:21 AM, "Bharath Rupireddy" <bharath(dot)rupireddyforpostgres(at)gmail(dot)com> wrote:
> On Mon, Oct 25, 2021 at 12:40 PM Michael Paquier <michael(at)paquier(dot)xyz> wrote:
>> Hmm. Why don't you split the patch into two parts that can be
>> discussed separately then? There would be one to remove all the
>> superuser() checks you can think of, and a potential second to grant
>> those function's execution to some system role.
>
> IMO, in this thread we can focus on remvong the
> pg_log_backend_memory_contexts()'s superuser() check and +1 to start a
> separate thread to remove superuser() checks for the other functions
> and REVOKE the permissions in appropriate places, for system functins
> system_functions.sql files, for extension functions, the extension
> installation .sql files. See [1] and [2].
I like the general idea of removing hard-coded superuser checks first
and granting execution to predefined roles second. I don't have any
strong opinion about what should be done in this thread and what
should be done elsewhere.
Nathan
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2021-10-25 16:17:53 | Re: pgsql: Remove unused wait events. |
| Previous Message | Stephen Frost | 2021-10-25 16:12:27 | Re: XTS cipher mode for cluster file encryption |