Home > mailing lists

Re: exposing pg_controldata and pg_config as functions - Mailing list pgsql-hackers

From	Michael Paquier
Subject	Re: exposing pg_controldata and pg_config as functions
Date	January 17, 2016 02:46:41
Msg-id	CAB7nPqTAzVAo3Q7K=vMpZZEWJfM6M_H1farz6v2Qoid=_Tagyw@mail.gmail.com Whole thread Raw
In response to	Re: exposing pg_controldata and pg_config as functions (Robert Haas <robertmhaas@gmail.com>)
Responses	Re: exposing pg_controldata and pg_config as functions (Andres Freund <andres@anarazel.de>)
List	pgsql-hackers

Tree view

On Sun, Jan 17, 2016 at 12:27 AM, Robert Haas <robertmhaas@gmail.com> wrote:
> On Jan 16, 2016, at 9:08 AM, Michael Paquier <michael.paquier@gmail.com> wrote:
>> Just forgot to mention that those new functions should be superuser-only.
>
> I think nobody should ever say this without explaining why. Superuser restrictions are necessary in some cases, but
thefewer of them we have, the better.
 

The pg_config functions are giving away information about the system
itself, isn't that potentially sensible? The pg_controdata ones show
up information about checkpoint, recovery etc. There are a couple of
fields that could be made completely visible, like the information
defined when running initdb or how the code is compiled like block
size (not the system ID), but we surely do not want to give away
checkpoint and recovery information.
-- 
Michael

pgsql-hackers by date:

From: Michael Paquier
Date: 17 January 2016, 02:43:02
Subject: Re: [GENERAL] Re: [BUGS] about test_parser installation failure problem(PostgreSQL in 9.5.0)？

From: Andres Freund
Date: 17 January 2016, 02:48:55
Subject: Re: exposing pg_controldata and pg_config as functions

Re: exposing pg_controldata and pg_config as functions - Mailing list pgsql-hackers

Previous

Next