On Mon, 2021-10-25 at 14:30 -0700, Andres Freund wrote: > I don't get the reasoning behind the "except ..." logic. What does > this > actually protect against? A reasonable use case for this feature is > is to > monitor memory usage of all backends, and this restriction practially > requires > to still use a security definer function.
Nathan brought it up -- more as a question than a request, so perhaps it's not necessary. I don't have a strong opinion about it, but I included it to be conservative (easier to relax a privilege than to tighten one). I can cut out the in-function check entirely if there's no objection. Regards, Jeff Davis [1] https://postgr.es/m/33f34f0c-bb16-48de-b125-95d340a54...@amazon.com