From 02ea9673382e03d92b8daa0f7eb7e5fa38c6be2b Mon Sep 17 00:00:00 2001 From: Michael Paquier Date: Mon, 30 May 2022 10:51:37 +0900 Subject: [PATCH] doc: Reword description of roles able to view track_activities's info The information generated when track_activities is accessible to superusers, roles with the privileges of pg_read_all_stats, as well as roles one has the privileges of. The original text did not outline the last point, while the change done in ac1ae47 was unclear about the second point. Per discussion with Nathan Bossart. Discussion: https://postgr.es/m/20220521185743.GA886636@nathanxps13 Backpatch-through: 10 --- doc/src/sgml/config.sgml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/doc/src/sgml/config.sgml b/doc/src/sgml/config.sgml index eebf0e195f..e0335161a1 100644 --- a/doc/src/sgml/config.sgml +++ b/doc/src/sgml/config.sgml @@ -6118,10 +6118,10 @@ COPY postgres_log FROM '/full/path/to/logfile.csv' WITH csv; executing command of each session, along with the time when that command began execution. This parameter is on by default. Note that even when enabled, this information is not - visible to all users, only to superusers, members of the - pg_read_all_stats role and the user owning - the session being reported on, so it should not represent a - security risk. + visible to all users, only to superusers, roles with privileges of the + pg_read_all_stats role and the user owning the + sessions being reported on (including sessions belonging to a role they + have the privileges of), so it should not represent a security risk. Only superusers can change this setting.