Home > mailing lists

Re: Auto-explain patch - Mailing list pgsql-hackers

From	ITAGAKI Takahiro
Subject	Re: Auto-explain patch
Date	July 9, 2008 09:49:02
Msg-id	20080709183122.5DC2.52131E4D@oss.ntt.co.jp Whole thread Raw
In response to	Re: Auto-explain patch (Dean Rasheed <dean_rasheed@hotmail.com>)
Responses	Re: Auto-explain patch ("Marko Kreen" <markokr@gmail.com>)
List	pgsql-hackers

Tree view

Dean Rasheed <dean_rasheed@hotmail.com> wrote:

> * client_sql_trace = on | off - settable by a normal user to allow a
> client session to see the sql_trace output. If this parameter is on,
> the sql_trace will be logged as NOTICE output.

In terms of security, is it ok to show normal users SQLs used in functions
that are owned by other users? Users can call not-owned functions only if
they have EXECUTE privilege on them. -- presently we can see function
bodies from pg_proc.prosrc freely, though.

Regards,
---
ITAGAKI Takahiro
NTT Open Source Software Center

pgsql-hackers by date:

From: Dean Rasheed
Date: 09 July 2008, 09:16:57
Subject: Re: Auto-explain patch

From: Tino Wildenhain
Date: 09 July 2008, 10:32:50
Subject: Re: Identifier case folding notes

Re: Auto-explain patch - Mailing list pgsql-hackers

Previous

Next