On Tue, Mar 28, 2017 at 1:52 PM, Mark Dilger <hornschnor...@gmail.com> wrote:
>
>> On Mar 28, 2017, at 9:55 AM, Robert Haas <robertmh...@gmail.com> wrote:
>>
>> On Tue, Mar 28, 2017 at 12:47 PM, Dave Page <dp...@pgadmin.org> wrote:
>>>> I don't see any precedent in the code for having a hardcoded role, other than
>>>> superuser, and allowing privileges based on a hardcoded test for membership
>>>> in that role. I'm struggling to think of all the security implications of that.
>>>
>>> This would be the first.
>>
>> Isn't pg_signal_backend an existing precedent?
>
> Sorry, I meant to say that there is no precedent for allowing access to data based
> on a hardcoded test for membership in a role other than superuser.
This doesn't allow access to data, except through monitoring of
queries that are executed (e.g. full access to pg_stat_activity) -
which you can avoid by not using the role if that's your choice.

--
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake

EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company