Tom Lane writes:
> Hmm, that seems overly paranoid to me. J Random Luser could not obscure
> his actions (if the admin is logging SQL statements). He could possibly
> obscure his error messages, but is that enough of a security risk to
> take away the ability of users to read their own errors in a convenient
> language? I'd lean to "no".
The other problem is that changing the language at runtime doesn't really
work well, because there are obscure dependencies on LC_CTYPE and
depending on the implementation of gettext there is some caching going on.
So the real answer is actually, "It doesn't work, but the superuser is
free to try."
> Of course the really nice answer would be to have different language
> settings for messages to the system log and messages to the client, but
> I suppose that's probably not very practical given the way gettext works.
Indeed, but it needs to be fixed sometime.
--
Peter Eisentraut peter_e@gmx.net
