| From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
|---|---|
| To: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
| Cc: | pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: restrict pg_stat_ssl to superuser? |
| Date: | 2019-02-19 17:44:51 |
| Message-ID: | CA+TgmoZBAYK8DH6bgY24-ZuqnbqcOwQR95YK2kWUqhEAEQ1cEQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Thu, Feb 7, 2019 at 3:30 AM Peter Eisentraut
<peter(dot)eisentraut(at)2ndquadrant(dot)com> wrote:
> As discussed in [0], should we restrict access to pg_stat_ssl to
> superusers (and an appropriate pg_ role)?
>
> If so, is there anything in that view that should be made available to
> non-superusers? If not, then we could perhaps do this via a simple
> permission change instead of going the route of blanking out individual
> columns.
Shouldn't unprivileged users be able to see their own entries, or
entries for roles which they could assume via SET ROLE?
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Julien Rouhaud | 2019-02-19 17:48:04 | Re: BUG #15572: Misleading message reported by "Drop function operation" on DB with functions having same name |
| Previous Message | Robert Haas | 2019-02-19 17:36:26 | Re: Delay locking partitions during INSERT and UPDATE |