On Fri, May 20, 2022 at 03:17:29PM +0900, Ian Lawrence Barwick wrote: > It seems reasonable to mention here that the information is also visible to > members of "pg_read_all_stats", similar to what is done in the > pg_stat_statements > docs [2]. > > [2] > https://www.postgresql.org/docs/current/pgstatstatements.html#PGSTATSTATEMENTS-COLUMNS > > Suggested wording: > >> Note that even when enabled, this information is only visible to superusers, >> members of the <literal>pg_read_all_stats</literal> role and the user owning >> the session being reported on, so it should not represent a security risk. > > Patch (for HEAD) with suggested wording attached; the change should > IMO be applied > all the way back to v10 (though as-is the patch only applies to HEAD, > can provide > others if needed).
LGTM -- Nathan Bossart Amazon Web Services: https://aws.amazon.com
