Greetings,
* David G. Johnston (david.g.johnston@gmail.com) wrote:
> You can consider this email to have accomplished both. Lacking someone
> saying they they are working on it and pointing you to a patch you can
> safely operate under the assumption that this behavior isn’t going to
> change. I suppose its possible with the recent row-level security feature
> that a fresh look leveraging that facility could be considered but AFAIK
> that hasn’t and isn’t being done.
Actually, there was work specifically around that which it'd be nice if
someone had time to pick up and work on.
https://www.postgresql.org/message-id/CAJrrPGdCZEVxQTs49CqxjjyffHKPFtff+sa6c6f5Z5grXztodw@mail.gmail.com
One of the big questions around that is how much good is it to limit
access when the catalog tables are queried directly when you can gather
information about what's in them in other ways that we wouldn't want to
be running through RLS (such as when we do direct catalog accesses as
part of some DDL or such). That's a similar trade-off that application
designers have to deal with when using RLS (eg: primary key violations
could 'leak' the knowledge that a particular value exists even if you
can't see it) and in many cases it's acceptable.
Thanks,
Stephen
