Re: Proposal: knowing detail of config files via SQL

* Stephen Frost (sfrost@snowman.net) wrote:
> > --- a/src/backend/catalog/system_views.sql
> > +++ b/src/backend/catalog/system_views.sql
> > @@ -414,6 +414,11 @@ CREATE RULE pg_settings_n AS
> >
> >  GRANT SELECT, UPDATE ON pg_settings TO PUBLIC;
> >
> > +CREATE VIEW pg_file_settings AS
> > +   SELECT * FROM pg_show_all_file_settings() AS A;
> > +
> > +REVOKE ALL on pg_file_settings FROM public;
> > +

Err, and further, I realize that you're not actually changing the
permissions on the actual function at all, which means that they're the
default which is "executable by anyone."

This will also need a

REVOKE EXECUTE on pg_show_all_file_settings() FROM public;

Or someone could simply run the function instead of using the view to
see the data returned.
Thanks,
    Stephen