Bruce Momjian <pgman@candle.pha.pa.us> writes:
> Tom Lane wrote:
>> Anyone object if I turn off public read access to
>> pg_largeobject?
> Please do whatever you can to tighten it up. I thought we needed to keep
> read access so people could get to their large objects, but maybe not.
Yeah, right after sending that message I remembered that we had already
discussed this and concluded it would break clients :-(.
There's really no security for large objects anyway, since if you know
or can guess the OID of one you can read (or write!) it regardless.
Not much point in turning off read access on pg_largeobject unless we
rethink that ...
regards, tom lane
