public inbox for [email protected]
help / color / mirror / Atom feedFrom: Tom Lane <[email protected]>
To: Imseih (AWS), Sami <[email protected]>
Cc: [email protected] <[email protected]>
Subject: Re: [BUG] autovacuum may skip tables when session_authorization/role is set on database
Date: Wed, 13 Dec 2023 16:18:22 -0500
Message-ID: <[email protected]> (raw)
In-Reply-To: <[email protected]>
References: <[email protected]>
"Imseih (AWS), Sami" <[email protected]> writes:
> A recent case in the field in which a database session_authorization is
> altered to a non-superuser, non-owner of tables via alter database .. set session_authorization ..
> caused autovacuum to skip tables.
That seems like an extremely not-bright idea. What is the actual
use case for such a setting? Doesn't it risk security problems?
> Attached is a repro and a patch which sets the session user to the BOOTSTRAP superuser
> at the start of the autovac worker.
I'm rather unimpressed by this proposal, first because there are
probably ten other ways to break autovac with ill-considered settings,
and second because if we do want to consider this a supported case,
what about other background processes? They'd likely have issues
as well.
regards, tom lane
view thread (4+ messages) latest in thread
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected]
Subject: Re: [BUG] autovacuum may skip tables when session_authorization/role is set on database
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox