Home > mailing lists

Re: restrict pg_stat_ssl to superuser? - Mailing list pgsql-hackers

From	Robert Haas
Subject	Re: restrict pg_stat_ssl to superuser?
Date	February 19, 2019 20:44:51
Msg-id	CA+TgmoZBAYK8DH6bgY24-ZuqnbqcOwQR95YK2kWUqhEAEQ1cEQ@mail.gmail.com Whole thread Raw
In response to	restrict pg_stat_ssl to superuser? (Peter Eisentraut <peter.eisentraut@2ndquadrant.com>)
List	pgsql-hackers

Tree view

On Thu, Feb 7, 2019 at 3:30 AM Peter Eisentraut
<peter.eisentraut@2ndquadrant.com> wrote:
> As discussed in [0], should we restrict access to pg_stat_ssl to
> superusers (and an appropriate pg_ role)?
>
> If so, is there anything in that view that should be made available to
> non-superusers?  If not, then we could perhaps do this via a simple
> permission change instead of going the route of blanking out individual
> columns.

Shouldn't unprivileged users be able to see their own entries, or
entries for roles which they could assume via SET ROLE?

-- 
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

pgsql-hackers by date:

From: Robert Haas
Date: 19 February 2019, 20:36:26
Subject: Re: Delay locking partitions during INSERT and UPDATE

From: David Fetter
Date: 19 February 2019, 21:03:03
Subject: Re: CPU costs of random_zipfian in pgbench

Re: restrict pg_stat_ssl to superuser? - Mailing list pgsql-hackers

Previous

Next