Re: should we allow users with a predefined role to access pg_backend_memory_contexts view and pg_log_backend_memory_contexts function? - Mailing list pgsql-hackers
From
Stephen Frost
Subject
Re: should we allow users with a predefined role to access pg_backend_memory_contexts view and pg_log_backend_memory_contexts function?
- /* Only allow superusers to log memory contexts. */ - if (!superuser()) + /* + * Only superusers or members of pg_read_all_stats can log memory contexts. + */ + if (!is_member_of_role(GetUserId(), ROLE_PG_READ_ALL_STATS))
I personally think pg_log_backend_memory_contexts() should remain restricted to superusers since it directly impacts the server log. However, if we really did want to open it up to others, couldn't we add GRANT/REVOKE statements in system_functions.sql and remove the hard-coded superuser check? I think that provides a bit more flexibility (e.g., permission to execute it can be granted to others without giving them pg_read_all_stats).
I would think we would do both…. That is- move to using GRANT/REVOKE, and then just include a GRANT to pg_read_all_stats.
Or not. I can see the argument that, because it just goes into the log, that it doesn’t make sense to grant to a predefined role, since that role wouldn’t be able to see the results even if it had access.