On Thu, Apr 7, 2016 at 10:45 AM, Stephen Frost <sfr...@snowman.net> wrote: > Use GRANT system to manage access to sensitive functions > > Now that pg_dump will properly dump out any ACL changes made to > functions which exist in pg_catalog, switch to using the GRANT system > to manage access to those functions. > > This means removing 'if (!superuser()) ereport()' checks from the > functions themselves and then REVOKEing EXECUTE right from 'public' for > these functions in system_views.sql.
This commit revokes the execution privilege on pg_start_backup() from a replication role. Doesn't this affect many systems that a replication role is used to take a backup? This commit forces administrators of those systems to manually grant the privilege to a replication role when upgrading the system to 9.6. Regards, -- Fujii Masao -- Sent via pgsql-committers mailing list (pgsql-committers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-committers
