Re: Auto-explain patch

On 7/9/08, ITAGAKI Takahiro <itagaki.takahiro@oss.ntt.co.jp> wrote:
>  Dean Rasheed <dean_rasheed@hotmail.com> wrote:
> > * client_sql_trace = on | off - settable by a normal user to allow a
>  > client session to see the sql_trace output. If this parameter is on,
>  > the sql_trace will be logged as NOTICE output.
>
>
> In terms of security, is it ok to show normal users SQLs used in functions
>  that are owned by other users? Users can call not-owned functions only if
>  they have EXECUTE privilege on them. -- presently we can see function
>  bodies from pg_proc.prosrc freely, though.

Different owner is not a problem, but SECURITY DEFINER may be.

That can be solved by turning the setting off on entry to such function,
by non-superuser.  Like we handle search_path.

-- 
marko