Skip to content

Commit 213eae9

Browse files
peterepetere
committed
doc: Add security information about pg_stat_activity
Add a basic note that some columns in pg_stat_activity and related views are not visible to all users. Discussion: https://www.postgresql.org/message-id/3018acd9-e5d8-1e85-5ed7-47276cd77569%402ndquadrant.com
1 parent 1995552 commit 213eae9

File tree

1 file changed

+12
-0
lines changed

1 file changed

+12
-0
lines changed

doc/src/sgml/monitoring.sgml

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -268,6 +268,18 @@ postgres 27093 0.0 0.0 30096 2752 ? Ss 11:34 0:00 postgres: ser
268268
stated above; instead they update continuously throughout the transaction.
269269
</para>
270270

271+
<para>
272+
Some of the information in the dynamic statistics views shown in <xref
273+
linkend="monitoring-stats-dynamic-views-table"/> is security restricted.
274+
Ordinary users can only see all the information about their own sessions
275+
(sessions belonging to a role that they are a member of). In rows about
276+
other sessions, many columns will be null. Note, however, that the
277+
existence of a session and its general properties such as its sessions user
278+
and database are visible to all users. Superusers and members of the
279+
built-in role <literal>pg_read_all_stats</literal> (see also <xref
280+
linkend="default-roles"/>) can see all the information about all sessions.
281+
</para>
282+
271283
<table id="monitoring-stats-dynamic-views-table">
272284
<title>Dynamic Statistics Views</title>
273285

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy