Re: exposing pg_controldata and pg_config as functions
| От | Michael Paquier |
|---|---|
| Тема | Re: exposing pg_controldata and pg_config as functions |
| Дата | |
| Msg-id | CAB7nPqTAzVAo3Q7K=vMpZZEWJfM6M_H1farz6v2Qoid=_Tagyw@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: exposing pg_controldata and pg_config as functions (Robert Haas <robertmhaas@gmail.com>) |
| Ответы |
Re: exposing pg_controldata and pg_config as functions
|
| Список | pgsql-hackers |
On Sun, Jan 17, 2016 at 12:27 AM, Robert Haas <robertmhaas@gmail.com> wrote: > On Jan 16, 2016, at 9:08 AM, Michael Paquier <michael.paquier@gmail.com> wrote: >> Just forgot to mention that those new functions should be superuser-only. > > I think nobody should ever say this without explaining why. Superuser restrictions are necessary in some cases, but thefewer of them we have, the better. The pg_config functions are giving away information about the system itself, isn't that potentially sensible? The pg_controdata ones show up information about checkpoint, recovery etc. There are a couple of fields that could be made completely visible, like the information defined when running initdb or how the code is compiled like block size (not the system ID), but we surely do not want to give away checkpoint and recovery information. -- Michael
В списке pgsql-hackers по дате отправления: