Home > mailing lists

Re: Information of pg_stat_ssl visible to all users - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: Information of pg_stat_ssl visible to all users
Date	July 7, 2015 19:58:13
Msg-id	26947.1436288278@sss.pgh.pa.us Whole thread Raw
In response to	Re: Information of pg_stat_ssl visible to all users (Andres Freund <andres@anarazel.de>)
Responses	Re: Information of pg_stat_ssl visible to all users
List	pgsql-hackers

Tree view

Andres Freund <andres@anarazel.de> writes:
> On 2015-07-07 12:03:36 -0400, Peter Eisentraut wrote:
>> I think the DN is analogous to the remote user name, which we don't
>> expose for any of the other authentication methods.

> Huh?

Peter's exactly right: there is no other case where you can tell what
some other connection's actual OS username is.  You might *guess* that
it's the same as their database username, but you don't know that,
assuming you don't know how they authenticated.

I'm not sure how security-critical this info really is, though.
        regards, tom lane

pgsql-hackers by date:

From: Josh Berkus
Date: 07 July 2015, 19:54:57
Subject: Re: 9.5 alpha: some small comments on BRIN and btree_gin

From: Fujii Masao
Date: 07 July 2015, 19:58:38
Subject: Re: [PATCH] correct the initdb.log path for pg_regress

Re: Information of pg_stat_ssl visible to all users - Mailing list pgsql-hackers

Previous

Next