Home > mailing lists

Re: Permission select pg_stat_replication - Mailing list pgsql-admin

From	Stephen Frost
Subject	Re: Permission select pg_stat_replication
Date	April 1, 2015 18:53:09
Msg-id	20150401155302.GP3663@tamriel.snowman.net Whole thread Raw
In response to	Re: Permission select pg_stat_replication (Denish Patel <denish@omniti.com>)
Responses	Re: Permission select pg_stat_replication
List	pgsql-admin

Tree view

* Denish Patel (denish@omniti.com) wrote:
> you should be able to use secure_check_postgres method to avoid granting
> SUPER permission on monitoring user.
[...]

Denish,

Please see my reply to Payal.  This doesn't work.  At the very least,
the permissions on the pg_stat_repl() function need to be adjusted to be
only GRANT'd to the monitoring user, otherwise the information is
available to everyone.  If that's the intent, then the view might as
well be granted to PUBLIC.

Recall that, by defualt, EXECUTE on a function is granted to PUBLIC.

Thanks,

    Stephen

Attachment

signature.asc

pgsql-admin by date:

From: Denish Patel
Date: 01 April 2015, 18:47:15
Subject: Re: Permission select pg_stat_replication

From: Denish Patel
Date: 01 April 2015, 19:54:06
Subject: Re: Permission select pg_stat_replication

Re: Permission select pg_stat_replication - Mailing list pgsql-admin

Attachment

Previous

Next