Andres Freund <> writes:
> On 2014-08-18 11:56:44 -0400, Robert Haas wrote:
>> I fully agree with the idea of exposing the amount of free memory in
>> the shared memory segment (as discussed in other emails); that's
>> critical information.  But I think exposing address space layout
>> information is of much less general utility and, really, far too
>> risky.

> Meh. For one it's just the offsets, not the actual addresses. It's also
> something you can relatively easily compute at home by looking at a
> couple of settings everyone can see. For another, I'd be perfectly
> content making this superuser only. And if somebody can execute queries
> as superuser, address layout information really isn't needed anymore to
> execute arbitrary code.

I agree that this has to be superuser-only if it's there at all.

Should we consider putting it into an extension rather than having
it in the core system?  That would offer some additional protection
for production systems, which really shouldn't have much need for
this IMO.

                        regards, tom lane

Sent via pgsql-hackers mailing list (
To make changes to your subscription:

Reply via email to