Home > mailing lists

Re: Information of pg_stat_ssl visible to all users - Mailing list pgsql-hackers

From	Peter Eisentraut
Subject	Re: Information of pg_stat_ssl visible to all users
Date	August 31, 2015 22:23:32
Msg-id	55E4A9AB.9010702@gmx.net Whole thread Raw
In response to	Re: Information of pg_stat_ssl visible to all users (Andres Freund <andres@anarazel.de>)
Responses	Re: Information of pg_stat_ssl visible to all users
List	pgsql-hackers

Tree view

On 8/31/15 9:13 AM, Andres Freund wrote:
> I'm just saying that we should strive to behave at least somewhat
> consistently, and change everything at once, not piecemal. Because the
> latter will not decrease the pain of migrating to a new model in a
> relevant way while making the system harder to understand.

Well, we already hide a fair chunk of information from pg_stat_activity
from unprivileged users, including everything related to the connection
origin of other users.  So from that precedent, the entire SSL
information ought to be considered privileged.

pgsql-hackers by date:

From: Kevin Grittner
Date: 31 August 2015, 22:18:12
Subject: Re: Should \o mean "everything?"

From: Qingqing Zhou
Date: 31 August 2015, 22:54:31
Subject: Re: Horizontal scalability/sharding

Re: Information of pg_stat_ssl visible to all users - Mailing list pgsql-hackers

Previous

Next