Hi, On 2021-11-08 12:23:18 -0500, Stephen Frost wrote: > If we're actually worried about catalog corruption (and, frankly, I've > got some serious doubts that jumping in and running CHECKPOINT; by hand > is a great idea if there's such active corruption)
I've been there when recovering from corruption. > though I continue to feel like the function based approach is better. I think it's a somewhat ugly hack. > then we must use such an approach no matter how we allow non-superusers to > run the command because any approach to that necessarily involves some > amount of catalog access. As long as there's no additional catalog access when the user is known to be a superuser, then I think it's fine. There's a difference between doing one pg_authid read for superuser - with a fallback to automatically assuming a user if one couldn't be found - and doing a full pg_proc read with several subsidiary pg_type reads etc. Greetings, Andres Freund
