Grant Finnemore wrote:
> Well, pg_stat_activity isn't really the problem here, because as you
> point out, it's just a view, and I could certainly redefine the view.
> The limiting factor is that the backend doesn't push the role name
> changes to the stats subsystem for either SET ROLE or SET SESSION
> AUTH.
Keep in mind that stats are updated only once every 500 ms, and messages
have a nontrivial overhead. With your proposed changes, there would be
a significant performance overhead to running security definer
functions.
A possible solution to this would be to publish current_user in shared
memory, so that remote processes could read it from there (similar to
how current_query is published).
--
Alvaro Herrera http://www.CommandPrompt.com/
The PostgreSQL Company - Command Prompt, Inc.