AW: Isn't pg_statistic a security hole?

> > Right now anyone can look in pg_statistic and discover the min/max/most
> > common values of other people's tables.  That's not a lot of info, but
> > it might still be more than you want them to find out.  And the
> > statistical changes that I'm about to commit will allow a couple dozen
> > values to be exposed, not only three values per column.
> > 
> > It seems to me that only superusers should be allowed to read the
> > pg_statistic table.  Or am I overreacting?  Comments?
> 
> You are not overreacting.  Imagine a salary column.  I can imagine
> max/min being quite interesting.
> 
> I doubt it is worth letting non-super users see values in that table. 
> Their only value is in debugging the optimizer, which seems like a
> super-user job anyway.

How about letting them see all statistics where they have select permission 
on the base table (if that is possible with the new permission table) ?

Andreas