On Sun, Nov 22, 2020 at 11:55 AM Tom Lane <t...@sss.pgh.pa.us> wrote: > > vignesh C <vignes...@gmail.com> writes: > > The idea here is to implement & expose pg_print_callstack function, > > internally what this function does is, the connected backend will send > > SIGUSR1 signal by setting PMSIGNAL_BACKTRACE_EMIT to the postmaster > > process. Postmaster process will send a SIGUSR1 signal to the process > > by setting PROCSIG_BACKTRACE_PRINT if the process has access to > > ProcSignal. As syslogger process & Stats process don't have access to > > ProcSignal, multiplexing with SIGUSR1 is not possible for these > > processes, hence SIGUSR2 signal will be sent for these processes. Once > > the process receives this signal it will log the backtrace of the > > process. > > Surely this is *utterly* unsafe. You can't do that sort of stuff in > a signal handler. > > It might be all right to set a flag that would cause the next > CHECK_FOR_INTERRUPTS to print a backtrace, but I'm not sure > how useful that really is. > > The proposed postmaster.c addition seems quite useless, as there > is exactly one stack trace it could ever log. > > I would like to see some discussion of the security implications > of such a feature, as well. ("There aren't any" is the wrong > answer.)
Hi Hackers, Any thoughts on the security implication for this feature. Regards, Vignesh EnterpriseDB: http://www.enterprisedb.com