On Wed, Sep 27, 2023 at 1:30 PM Alexander Petrossian <alexander.petrossian@xxxxxxxxx> wrote: > > > 25 сент. 2023 г., в 17:28, Tom Lane <tgl@xxxxxxxxxxxxx> написал(а): > > Alexander Petrossian <alexander.petrossian@xxxxxxxxx> writes: > >>>> I am wondering why is this, why not allow debugging for non-privileged users? > > Even if there's a way to restrict > > debugging connections to sessions owned by the same user, > > I guess, there is such a way. Looks trivial... > I think that any debugger in any environment can be nasty things, being able to trace and modify a running "thing". Having said that, I believe that the reason about why pldebugger needs superuser privileges could be explained only by the authors (or someone reading the code). Quite frankly, I would point out that you probably would not allow pldebugger to run on a production system, as well as you probably will not debug your production application thing. flipping the coin, it could be that requiring superuser privileges to attach the debugger is a good thing, so you normal poor user don't risk to attach a malicious debugger in a production environment (because you don't have superuser privileges in a production environment, right?). But again, I suspect only the authors can explain that. Luca
