Re: proposal: hide application_name from other users

* Magnus Hagander (magnus@hagander.net) wrote:
> On Tue, Jan 21, 2014 at 5:18 PM, Stephen Frost <sfrost@snowman.net> wrote:
> > Not unless we change it to allow read-access to all tables to allow for
> > pg_dump to work...
>
> That sounds more like CAP_DUMP than CAP_BACKUP :)

Well, perhaps CAP_READONLY (or READALL?), there are auditor-type roles
which could be reduced to that level instead of superuser.  I'm on the
fence about if this needs to be seperate from REPLICATION though- how
many different such options are we going to have and how ugly is it
going to get to litter the code with if(superuser || read-only || ...)?

Perhaps a way to say "this role has X-privilege on all objects of this
type" which could then be used to GRANT SELECT and would be a single
point where we need to add those checks (in the ACL code for each
object type)?  One of the key points would be that the privilege apply
to newly created objects as well..
Thanks,
    Stephen