Re: pgsql: Keep pg_stat_statements' query texts in a file, not in shared me

From: Peter Geoghegan <pg(at)heroku(dot)com>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: KONDO Mitsumasa <kondo(dot)mitsumasa(at)lab(dot)ntt(dot)co(dot)jp>, pgsql-committers(at)postgresql(dot)org
Subject: Re: pgsql: Keep pg_stat_statements' query texts in a file, not in shared me
Date: 2014-01-28 01:35:04
Message-ID: CAM3SWZTafe0v5CZT9hix-gXtEwvzD=My1QZtmS0LRCou=YFF0g@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-committers pgsql-hackers

On Mon, Jan 27, 2014 at 5:23 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> Root can certainly also look at query texts in shared memory, or for that
> matter in the local memory of any process. So can anybody else running as
> the postgres userid.

I think that the concern may have had something to do with a
MAC-centric viewpoint (e.g. SELinux users), where bizarrely it doesn't
necessarily follow that root would be able to do any of those things.
But in that world, it is surely the security officer's responsibility
to make a special effort to meet those strange requirements. It's
totally orthogonal to our security model.

--
Peter Geoghegan

In response to

Browse pgsql-committers by date

  From Date Subject
Next Message Peter Geoghegan 2014-01-28 01:35:51 Re: pgsql: Keep pg_stat_statements' query texts in a file, not in shared me
Previous Message Andrew Dunstan 2014-01-28 01:34:17 Re: pgsql: Keep pg_stat_statements' query texts in a file, not in shared me

Browse pgsql-hackers by date

  From Date Subject
Next Message Peter Geoghegan 2014-01-28 01:35:51 Re: pgsql: Keep pg_stat_statements' query texts in a file, not in shared me
Previous Message Andrew Dunstan 2014-01-28 01:34:17 Re: pgsql: Keep pg_stat_statements' query texts in a file, not in shared me