Skip to content

Commit edb9797

Browse files
michaelpqmichaelpq
committed
Revoke pg_stat_statements_reset() permissions
Commit 25fff40 has granted execute permission of the function pg_stat_statements_reset() to default role "pg_read_all_stats", but this role is meant to read statistics, and not to reset them. The permissions on this function are revoked from "pg_read_all_stats". The version of pg_stat_statements is bumped up in consequence. Author: Haribabu Kommi Reviewed-by: Michael Paquier, Amit Kapila Discussion: https://postgr.es/m/CAJrrPGf5fCnKqXObpwGN9nMyD--tzOf-7LFCJiz59Z1wJ5qj9A@mail.gmail.com
1 parent fd58231 commit edb9797

File tree

3 files changed

+12
-4
lines changed

3 files changed

+12
-4
lines changed

contrib/pg_stat_statements/Makefile

+4-3
Original file line numberDiff line numberDiff line change
@@ -4,9 +4,10 @@ MODULE_big = pg_stat_statements
44
OBJS = pg_stat_statements.o $(WIN32RES)
55

66
EXTENSION = pg_stat_statements
7-
DATA = pg_stat_statements--1.4.sql pg_stat_statements--1.4--1.5.sql \
8-
pg_stat_statements--1.3--1.4.sql pg_stat_statements--1.2--1.3.sql \
9-
pg_stat_statements--1.1--1.2.sql pg_stat_statements--1.0--1.1.sql \
7+
DATA = pg_stat_statements--1.4.sql pg_stat_statements--1.5--1.6.sql \
8+
pg_stat_statements--1.4--1.5.sql pg_stat_statements--1.3--1.4.sql \
9+
pg_stat_statements--1.2--1.3.sql pg_stat_statements--1.1--1.2.sql \
10+
pg_stat_statements--1.0--1.1.sql \
1011
pg_stat_statements--unpackaged--1.0.sql
1112
PGFILEDESC = "pg_stat_statements - execution statistics of SQL statements"
1213

contrib/pg_stat_statements/pg_stat_statements--1.5--1.6.sql

+7
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,7 @@
1+
/* contrib/pg_stat_statements/pg_stat_statements--1.5--1.6.sql */
2+
3+
-- complain if script is sourced in psql, rather than via ALTER EXTENSION
4+
\echo Use "ALTER EXTENSION pg_stat_statements UPDATE TO '1.6'" to load this file. \quit
5+
6+
-- Execution is only allowed for superusers, fixing issue with 1.5.
7+
REVOKE EXECUTE ON FUNCTION pg_stat_statements_reset() FROM pg_read_all_stats;

contrib/pg_stat_statements/pg_stat_statements.control

+1-1
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
# pg_stat_statements extension
22
comment = 'track execution statistics of all SQL statements executed'
3-
default_version = '1.5'
3+
default_version = '1.6'
44
module_pathname = '$libdir/pg_stat_statements'
55
relocatable = true

0 commit comments

Comments
 (0)