On 2015-08-30 11:33:28 -0400, Stephen Frost wrote:
> Yeah, I'm not really thrilled with all of this information being
> available to everyone on the system. We already get ding'd by people
> for not limiting who can see what connections there are to the database
> and this is doubling-down on that.
I don't buy that the relevant piece of information is the CN when the
connection itself is visible. Neither do I buy the argument that later
hiding this for ssl once we have more granular permissions is going to
be relevantly painful in comparison to changing the contents of
pg_stat_activity itself.
