doc: Reword description of roles able to view track_activities's info

The information generated when track_activities is accessible to
superusers, roles with the privileges of pg_read_all_stats, as well as
roles one has the privileges of.  The original text did not outline the
last point, while the change done in ac1ae47 was unclear about the
second point.

Per discussion with Nathan Bossart.

Discussion: https://postgr.es/m/20220521185743.GA886636@nathanxps13
Backpatch-through: 10

diff --git a/doc/src/sgml/config.sgml b/doc/src/sgml/config.sgml
index fe64239ed97c18d3f788024804f7326a8f97c6a0..5b7ce6531dadb608e38d0fa7e319bd288d42c2e3 100644 (file)
--- a/doc/src/sgml/config.sgml
+++ b/doc/src/sgml/config.sgml
@@ -7917,9 +7917,10 @@ COPY postgres_log FROM '/full/path/to/logfile.csv' WITH csv;
         executing command of each session, along with its identifier and the
         time when that command began execution. This parameter is on by
         default. Note that even when enabled, this information is only
-        visible to superusers, members of the
+        visible to superusers, roles with privileges of the
         <literal>pg_read_all_stats</literal> role and the user owning the
-        session being reported on, so it should not represent a security risk.
+        sessions being reported on (including sessions belonging to a role they
+        have the privileges of), so it should not represent a security risk.
         Only superusers and users with the appropriate <literal>SET</literal>
         privilege can change this setting.
        </para>