Stephan Szabo <sszabo@megazone23.bigpanda.com> writes:
>> This is infeasible since we don't have a concept of per-row permissions.
>> It's all or nothing.
> Maybe make statistics readable only by superusers with a view that uses
> CURRENT_USER or something like that to only give the objects that
> have owners of this user? Might be an ugly view, but...
Hmm, that would work --- you could join against pg_class to find out the
owner of the relation. While you were at it, maybe look up the
attribute name in pg_attribute as well. Anyone want to propose a
specific view definition?
regards, tom lane