Josh Berkus <josh@agliodbs.com> writes:
>> pgrowlocks tells you about row lock states, which maybe is not that
>> interesting for security, but still it's information that one wouldn't
>> expect to be exposed to someone who isn't allowed to read the table.
>> I suppose knowing the number of live tuples might in itself be
>> sensitive information.
> Here I think the advantage of being able to run this as a non-superuser
> (and thus not have the superuser password on the client machine) outweighs
> any data which can be reverse-engineered from the lock information.
I have no objection to knocking this down to demanding only SELECT privs
on the table. It's hard to think that it is OK to be totally unsecured.
> Hmmm, we can't really require anything greater than SELECT permission for
> dbsize.
That's OK for individual tables, but we have no equivalent concept for
whole databases or tablespaces. What do you propose for them?
regards, tom lane