From: Peter Eisentraut Date: Thu, 21 Feb 2019 18:49:27 +0000 (+0100) Subject: doc: Add security information about pg_stat_activity X-Git-Tag: REL_12_BETA1~692 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=213eae9b8a8a6b2ce3b0e5f5dc86d4b267096398;p=postgresql doc: Add security information about pg_stat_activity Add a basic note that some columns in pg_stat_activity and related views are not visible to all users. Discussion: https://www.postgresql.org/message-id/3018acd9-e5d8-1e85-5ed7-47276cd77569%402ndquadrant.com --- diff --git a/doc/src/sgml/monitoring.sgml b/doc/src/sgml/monitoring.sgml index 5c1408bdf5..0e73cdcdda 100644 --- a/doc/src/sgml/monitoring.sgml +++ b/doc/src/sgml/monitoring.sgml @@ -268,6 +268,18 @@ postgres 27093 0.0 0.0 30096 2752 ? Ss 11:34 0:00 postgres: ser stated above; instead they update continuously throughout the transaction. + + Some of the information in the dynamic statistics views shown in is security restricted. + Ordinary users can only see all the information about their own sessions + (sessions belonging to a role that they are a member of). In rows about + other sessions, many columns will be null. Note, however, that the + existence of a session and its general properties such as its sessions user + and database are visible to all users. Superusers and members of the + built-in role pg_read_all_stats (see also ) can see all the information about all sessions. + + Dynamic Statistics Views