From 29dd6d8bc631eebc3e50493c115f7a215f03bd0a Mon Sep 17 00:00:00 2001
From: Fujii Masao <fujii@postgresql.org>
Date: Wed, 26 Aug 2020 10:50:02 +0900
Subject: Prevent non-superusers from reading pg_backend_memory_contexts, by
 default.

pg_backend_memory_contexts view contains some internal information of
memory contexts. Since exposing them to any users by default may cause
security issue, this commit allows only superusers to read this view,
by default, like we do for pg_shmem_allocations view.

Bump catalog version.

Author: Atsushi Torikoshi
Reviewed-by: Michael Paquier, Fujii Masao
Discussion: https://postgr.es/m/1414992.1597849297@sss.pgh.pa.us
---
 doc/src/sgml/catalogs.sgml | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'doc/src')

diff --git a/doc/src/sgml/catalogs.sgml b/doc/src/sgml/catalogs.sgml
index 1232b24e74c..9fe260ecff7 100644
--- a/doc/src/sgml/catalogs.sgml
+++ b/doc/src/sgml/catalogs.sgml
@@ -9697,6 +9697,10 @@ SCRAM-SHA-256$<replaceable>&lt;iteration count&gt;</replaceable>:<replaceable>&l
    </tgroup>
   </table>
 
+  <para>
+   By default, the <structname>pg_backend_memory_contexts</structname> view can be
+   read only by superusers.
+  </para>
  </sect1>
 
  <sect1 id="view-pg-config">
-- 
cgit v1.2.3