You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Use GRANT system to manage access to sensitive functions
Now that pg_dump will properly dump out any ACL changes made to
functions which exist in pg_catalog, switch to using the GRANT system
to manage access to those functions.
This means removing 'if (!superuser()) ereport()' checks from the
functions themselves and then REVOKEing EXECUTE right from 'public' for
these functions in system_views.sql.
Reviews by Alexander Korotkov, Jose Luis Tallon
<entry>Create a named point for performing restore (restricted to superusers)</entry>
17494
+
<entry>Create a named point for performing restore (restricted to superusers by default, but other users can be granted EXECUTE to run the function)</entry>
<entry>Finish performing exclusive on-line backup (restricted to superusers or replication roles)</entry>
17529
+
<entry>Finish performing exclusive on-line backup (restricted to superusers by default, but other users can be granted EXECUTE to run the function)</entry>
<entry>Finish performing exclusive or non-exclusive on-line backup (restricted to superusers or replication roles)</entry>
17536
+
<entry>Finish performing exclusive or non-exclusive on-line backup (restricted to superusers by default, but other users can be granted EXECUTE to run the function)</entry>
<entry>Force switch to a new transaction log file (restricted to superusers)</entry>
17557
+
<entry>Force switch to a new transaction log file (restricted to superusers by default, but other users can be granted EXECUTE to run the function)</entry>
17557
17558
</row>
17558
17559
<row>
17559
17560
<entry>
@@ -17821,15 +17822,15 @@ postgres=# SELECT * FROM pg_xlogfile_name_offset(pg_stop_backup());
0 commit comments