Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[YSQL] Enable non-superuser or non-admin users to request information from pg_locks/yb_lock_status #16919

Open
1 task done
Tracked by #18901
robertsami opened this issue Apr 18, 2023 · 0 comments
Open
1 task done
Tracked by #18901

[YSQL] Enable non-superuser or non-admin users to request information from pg_locks/yb_lock_status #16919

robertsami opened this issue Apr 18, 2023 · 0 comments
Assignees
@sushantrmishra @pkj415
Labels
area/ysql Yugabyte SQL (YSQL) kind/enhancement This is an enhancement of an existing feature priority/medium Medium priority issue

Comments

@robertsami
Copy link
Contributor

robertsami commented Apr 18, 2023
edited by tvesely
Loading

Jira Link: DB-6248

Description

Before doing this, we need to ensure row/col information from yb_lock_status, and any other potentially sensitive data or PII, is masked unless requested by superuser or db admin.

The range/hash columns for a superuser:

yugabyte=# select hash_cols, range_cols from yb_lock_status(null,null);
    hash_cols  | range_cols 
---------------+------------
               | 
 {1000,"test"} | 
 {1000,"test"} | {3}
(3 rows)

The same range/hash columns will be masked when a regular user queries the tables:

yugabyte=# select hash_cols, range_cols from yb_lock_status(null,null);
 hash_cols | range_cols 
-----------+------------
           | 
  {X,X}    | 
  {X,X}    | {X}
(3 rows)

Warning: Please confirm that this issue does not contain any sensitive information

  • I confirm this issue does not contain any sensitive information.
@robertsami robertsami added area/ysql Yugabyte SQL (YSQL) status/awaiting-triage Issue awaiting triage labels Apr 18, 2023
@yugabyte-ci yugabyte-ci added kind/bug This issue is a bug priority/medium Medium priority issue labels Apr 18, 2023
@robertsami robertsami mentioned this issue Apr 18, 2023
Closed
@yugabyte-ci yugabyte-ci added kind/enhancement This is an enhancement of an existing feature and removed status/awaiting-triage Issue awaiting triage kind/bug This issue is a bug labels May 8, 2023
@robertsami robertsami changed the title [YSQL] Ensure row/col information from yb_lock_status is masked unless requested by superuser or db admin [YSQL] Enable non-superuser or non-admin users to request information from pg_locks/yb_lock_status Aug 23, 2023
@rthallamko3 rthallamko3 mentioned this issue Aug 29, 2023
Closed
3 tasks
@rthallamko3 rthallamko3 assigned sushantrmishra and unassigned tvesely May 6, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sushantrmishra sushantrmishra

@pkj415 pkj415

Labels
area/ysql Yugabyte SQL (YSQL) kind/enhancement This is an enhancement of an existing feature priority/medium Medium priority issue
Projects
Wait-Queue Based Locking
Status: Pending
Milestone
No milestone
Development

No branches or pull requests
5 participants
@robertsami @sushantrmishra @pkj415 @yugabyte-ci @tvesely