Обсуждение: about privileges on pg_stat_activity columns
Hi, there is an auditor that want to monitor our database activity to see the session and the ip they come from, if they are waiting and so on... pg_stat_activity and pg_locks views come to my mind... we created an user to him and give him privileges to pg_locks and pg_stat_activity (and the functions pg_stat_activity is calling) but still he see the columns that comes from the functions as null... is there a way to give him access to that data without give him superuser? -- Atentamente, Jaime Casanova Soporte y capacitación de PostgreSQL Asesoría y desarrollo de sistemas Guayaquil - Ecuador Cel. +59387171157
Jaime Casanova wrote: > Hi, > > there is an auditor that want to monitor our database activity to see > the session and the ip they come from, if they are waiting and so > on... pg_stat_activity and pg_locks views come to my mind... > > we created an user to him and give him privileges to pg_locks and > pg_stat_activity (and the functions pg_stat_activity is calling) but > still he see the columns that comes from the functions as null... is > there a way to give him access to that data without give him > superuser? I'd create a view or some functions with "security definer" privileges. That way you can provide precisely the access needed. -- Richard Huxton Archonet Ltd
On Thu, Dec 4, 2008 at 4:02 AM, Richard Huxton <dev@archonet.com> wrote: > Jaime Casanova wrote: >> >> we created an user to him and give him privileges to pg_locks and >> pg_stat_activity (and the functions pg_stat_activity is calling) but >> still he see the columns that comes from the functions as null... is >> there a way to give him access to that data without give him >> superuser? > > I'd create a view or some functions with "security definer" privileges. > That way you can provide precisely the access needed. > exactly what i did... thanks to both -- Atentamente, Jaime Casanova Soporte y capacitación de PostgreSQL Asesoría y desarrollo de sistemas Guayaquil - Ecuador Cel. +59387171157