rdelaage
/
postgresql
mirror of https://git.postgresql.org/git/postgresql.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

doc: Clarify pgstattuple privileges information 

The description has gotten a bit confusing over time, so rewrite the
paragraph a bit.

Reported-by: Feike Steenbergen <feikesteenbergen@gmail.com>
This commit is contained in:
Peter Eisentraut 2017-11-02 12:12:23 -04:00
parent 7b6c075471
commit 0f53934164
1 changed files with 8 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
doc/src/sgml/pgstattuple.sgml
View File

@ -13,12 +13,14 @@
</para>
<para>
As these functions return detailed page-level information, only the superuser
has EXECUTE privileges on them upon installation. After the functions have
been installed, users may issue <command>GRANT</command> commands to change
the privileges on the functions to allow non-superusers to execute them. Members
of the <literal>pg_stat_scan_tables</literal> role are granted access by default. See
the description of the <xref linkend="sql-grant"> command for specifics.
Because these functions return detailed page-level information, access is
restricted by default. By default, only the
role <literal>pg_stat_scan_tables</literal> has <literal>EXECUTE</literal>
privilege. Superusers of course bypass this restriction. After the
extension has been installed, users may issue <command>GRANT</command>
commands to change the privileges on the functions to allow others to
execute them. However, it might be preferable to add those users to
the <literal>pg_stat_scan_tables</literal> role instead.
</para>
<sect2>