Hi, On 2021-05-06 14:56:09 -0400, Tom Lane wrote: > Robert Haas <robertmh...@gmail.com> writes: > > On Wed, Feb 3, 2021 at 2:30 AM Tom Lane <t...@sss.pgh.pa.us> wrote: > >> TBH, I'm leaning to the position that this should be superuser > >> only. > > > I agree that ordinary users shouldn't be able to trigger it, but I > > think it should be restricted to some predefined role, new or > > existing, rather than to superuser. I see no reason not to let > > individual users decide what risks they want to take. > > If we think it's worth having a predefined role for, OK. However, > I don't like the future I see us heading towards where there are > hundreds of random predefined roles. Is there an existing role > that it'd be reasonable to attach this ability to?
It does seem like it'd be good to group it in with something else. There's nothing fitting 100% though. postgres[1475723][1]=# SELECT rolname FROM pg_roles WHERE rolname LIKE 'pg_%' ORDER BY rolname; ┌───────────────────────────┐ │ rolname │ ├───────────────────────────┤ │ pg_database_owner │ │ pg_execute_server_program │ │ pg_monitor │ │ pg_read_all_data │ │ pg_read_all_settings │ │ pg_read_all_stats │ │ pg_read_server_files │ │ pg_signal_backend │ │ pg_stat_scan_tables │ │ pg_write_all_data │ │ pg_write_server_files │ └───────────────────────────┘ (11 rows) We could fit it into pg_monitor, but it's probably a bit more impactful than most things in there? But I'd go for it anyway, I think. Greetings, Andres Freund
