On 2021-05-13 01:08, Laurenz Albe wrote:
> On Wed, 2021-05-12 at 18:03 +0530, Bharath Rupireddy wrote:
>> Since it also shows up the full query text and the plan
>> in the server log as plain text, there are chances that the sensitive
>> information might be logged into the server log which is a risky thing
>> from security standpoint.
Thanks for the notification!
> I think that is irrelevant.
>
> A superuser can already set "log_statement = 'all'" to get this.
> There is no protection from superusers, and it is pointless to require
> that.
AFAIU, since that discussion is whether or not users other than
superusers
should be given the privilege to execute the backtrace printing
function,
I think it might be applicable to pg_log_current_plan().
Since restricting privilege to superusers is stricter, I'm going to
proceed
as it is for now, but depending on the above discussion, it may be
better to
change it.
Regards,
--
Atsushi Torikoshi
NTT DATA CORPORATION
