Movatterモバイル変換


[0]ホーム

URL:


Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Sign up
Appearance settings

Commitf9692a7

Browse files
committed
Hide other user's pg_stat_ssl rows
Change pg_stat_ssl so that an unprivileged user can only see their ownrows; other rows will be all null. This makes the behavior consistentwith pg_stat_activity, where information about where the connectioncame from is also restricted.Reviewed-by: Michael Paquier <michael@paquier.xyz>Discussion:https://www.postgresql.org/message-id/flat/63117976-d02c-c8e2-3aef-caa31a5ab8d3%402ndquadrant.com
1 parent213eae9 commitf9692a7

File tree

1 file changed

+41
-32
lines changed

1 file changed

+41
-32
lines changed

‎src/backend/utils/adt/pgstatfuncs.c

Lines changed: 41 additions & 32 deletions
Original file line numberDiff line numberDiff line change
@@ -645,38 +645,6 @@ pg_stat_get_activity(PG_FUNCTION_ARGS)
645645
else
646646
nulls[16]= true;
647647

648-
if (beentry->st_ssl)
649-
{
650-
values[18]=BoolGetDatum(true);/* ssl */
651-
values[19]=CStringGetTextDatum(beentry->st_sslstatus->ssl_version);
652-
values[20]=CStringGetTextDatum(beentry->st_sslstatus->ssl_cipher);
653-
values[21]=Int32GetDatum(beentry->st_sslstatus->ssl_bits);
654-
values[22]=BoolGetDatum(beentry->st_sslstatus->ssl_compression);
655-
656-
if (beentry->st_sslstatus->ssl_client_dn[0])
657-
values[23]=CStringGetTextDatum(beentry->st_sslstatus->ssl_client_dn);
658-
else
659-
nulls[23]= true;
660-
661-
if (beentry->st_sslstatus->ssl_client_serial[0])
662-
values[24]=DirectFunctionCall3(numeric_in,
663-
CStringGetDatum(beentry->st_sslstatus->ssl_client_serial),
664-
ObjectIdGetDatum(InvalidOid),
665-
Int32GetDatum(-1));
666-
else
667-
nulls[24]= true;
668-
669-
if (beentry->st_sslstatus->ssl_issuer_dn[0])
670-
values[25]=CStringGetTextDatum(beentry->st_sslstatus->ssl_issuer_dn);
671-
else
672-
nulls[25]= true;
673-
}
674-
else
675-
{
676-
values[18]=BoolGetDatum(false);/* ssl */
677-
nulls[19]=nulls[20]=nulls[21]=nulls[22]=nulls[23]=nulls[24]=nulls[25]= true;
678-
}
679-
680648
/* Values only available to role member or pg_read_all_stats */
681649
if (has_privs_of_role(GetUserId(),beentry->st_userid)||
682650
is_member_of_role(GetUserId(),DEFAULT_ROLE_READ_ALL_STATS))
@@ -854,6 +822,39 @@ pg_stat_get_activity(PG_FUNCTION_ARGS)
854822
else
855823
values[17]=
856824
CStringGetTextDatum(pgstat_get_backend_desc(beentry->st_backendType));
825+
826+
/* SSL information */
827+
if (beentry->st_ssl)
828+
{
829+
values[18]=BoolGetDatum(true);/* ssl */
830+
values[19]=CStringGetTextDatum(beentry->st_sslstatus->ssl_version);
831+
values[20]=CStringGetTextDatum(beentry->st_sslstatus->ssl_cipher);
832+
values[21]=Int32GetDatum(beentry->st_sslstatus->ssl_bits);
833+
values[22]=BoolGetDatum(beentry->st_sslstatus->ssl_compression);
834+
835+
if (beentry->st_sslstatus->ssl_client_dn[0])
836+
values[23]=CStringGetTextDatum(beentry->st_sslstatus->ssl_client_dn);
837+
else
838+
nulls[23]= true;
839+
840+
if (beentry->st_sslstatus->ssl_client_serial[0])
841+
values[24]=DirectFunctionCall3(numeric_in,
842+
CStringGetDatum(beentry->st_sslstatus->ssl_client_serial),
843+
ObjectIdGetDatum(InvalidOid),
844+
Int32GetDatum(-1));
845+
else
846+
nulls[24]= true;
847+
848+
if (beentry->st_sslstatus->ssl_issuer_dn[0])
849+
values[25]=CStringGetTextDatum(beentry->st_sslstatus->ssl_issuer_dn);
850+
else
851+
nulls[25]= true;
852+
}
853+
else
854+
{
855+
values[18]=BoolGetDatum(false);/* ssl */
856+
nulls[19]=nulls[20]=nulls[21]=nulls[22]=nulls[23]=nulls[24]=nulls[25]= true;
857+
}
857858
}
858859
else
859860
{
@@ -870,6 +871,14 @@ pg_stat_get_activity(PG_FUNCTION_ARGS)
870871
nulls[13]= true;
871872
nulls[14]= true;
872873
nulls[17]= true;
874+
nulls[18]= true;
875+
nulls[19]= true;
876+
nulls[20]= true;
877+
nulls[21]= true;
878+
nulls[22]= true;
879+
nulls[23]= true;
880+
nulls[24]= true;
881+
nulls[25]= true;
873882
}
874883

875884
tuplestore_putvalues(tupstore,tupdesc,values,nulls);

0 commit comments

Comments
 (0)

[8]ページ先頭

©2009-2025 Movatter.jp