Re: pageinspect some function no need superuser priv - Mailing list pgsql-hackers

From Michael Paquier
Subject Re: pageinspect some function no need superuser priv
Date
Msg-id aO72JFdrrM3Wnf49@paquier.xyz
Whole thread Raw
In response to Re: pageinspect some function no need superuser priv  (Nathan Bossart <nathandbossart@gmail.com>)
List pgsql-hackers
On Tue, Oct 14, 2025 at 10:51:51AM -0500, Nathan Bossart wrote:
> On Tue, Oct 14, 2025 at 10:29:39AM -0400, Tom Lane wrote:
>> Yeah, I do not think it follows that being table owner should
>> entitle you to such low-level access.  I'm inclined to reject
>> this proposal.
>
> -1 here, too.  IMHO all of pageinspect should remain superuser-only since
> it is meant for development/debugging.  The proposal doesn't describe a
> use-case for the relaxed privileges, either.

Same.  We've always wanted this module to be superuser-only, with
superuser hardcoded checks and not even execution ACLs.
--
Michael

Attachment

pgsql-hackers by date:

Previous
From: Masahiko Sawada
Date:
Subject: Re: pg_createsubscriber - more logging to say if there are no pubs to drop
Next
From: Xuneng Zhou
Date:
Subject: Re: pgstattuple: Use streaming read API in pgstatindex functions