Re: proposal: hide application_name from other users

From: Dave Page <dpage(at)pgadmin(dot)org>
To: Stephen Frost <sfrost(at)snowman(dot)net>
Cc: Greg Stark <stark(at)mit(dot)edu>, Josh Berkus <josh(at)agliodbs(dot)com>, Magnus Hagander <magnus(at)hagander(dot)net>, Harold Giménez <harold(at)heroku(dot)com>, Mark Kirkwood <mark(dot)kirkwood(at)catalyst(dot)net(dot)nz>, Bruce Momjian <bruce(at)momjian(dot)us>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Craig Ringer <craig(at)2ndquadrant(dot)com>, Heikki Linnakangas <hlinnakangas(at)vmware(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: proposal: hide application_name from other users
Date: 2014-01-29 08:40:14
Message-ID: CA+OCxowpfNjKP1YBQEO0-6jMheMpCRsA2yaFAUCQqhReT0yukg@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On Tue, Jan 28, 2014 at 8:17 PM, Stephen Frost <sfrost(at)snowman(dot)net> wrote:
> Greg,
>
> * Greg Stark (stark(at)mit(dot)edu) wrote:
>> On Tue, Jan 28, 2014 at 11:56 AM, Josh Berkus <josh(at)agliodbs(dot)com> wrote:
>> > For example, I would really like to GRANT an unpriv user access to the
>> > WAL columns in pg_stat_replication so that I can monitor replication
>> > delay without granting superuser permissions.
>>
>> So you can do this now by defining a security definer function that
>> extracts precisely the information you need and grant execute access
>> to precisely the users you want. There was some concern upthread about
>> defining security definer functions being tricky but I'm not sure what
>> conclusion to draw from that argument.
>
> Yeah, but that sucks if you want to build a generic monitoring system
> like check_postgres.pl. Telling users to grant certain privileges may
> work out, telling them to install these pl/pgsql things you write as
> security-definer-to-superuser isn't going to be nearly as easy when
> these users are (understandably, imv) uncomfortable having a monitor
> role have superusr privs.

I couldn't agree more. Whatever we do here we need a standard
mechanism that tool developers can expect to be present and the same
on all servers. Otherwise, we make it extremely difficult to build
tools like pgAdmin, check_postgres.pl and so on.

--
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake

EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message Dean Rasheed 2014-01-29 08:59:25 Re: [PATCH] Negative Transition Aggregate Functions (WIP)
Previous Message Björn Harrtell 2014-01-29 08:37:39 Re: Patch: regexp_matches variant returning an array of matching positions