On Tue, 2023-11-07 at 12:28 -0700, David G. Johnston wrote:
> This comes up every so often (including today on Discord) and I keep having trouble
> figuring out where to point people for our official assertion and explanation
> for why anyone with a login can view routine bodies, view specifications, and comments.
>
> Is this something we just don't want to go into detail within our documentation,
> or just no one has cared enough to write something up (beyond my first draft back
> then) and form it into a patch?
I am not sure if we can and want to document the "why" (this does not really belong
into the technical documentation), but the fact that most catalog tables can be read
by PUBLIC is worth documenting.
Perhaps here: https://www.postgresql.org/docs/current/catalogs.html
When people ask my "why?", I tend to answer "why not?". It is not a security
problem, in my opinion. Every user is allowed to know that I have a table
"purchase" with a column "credit_card_nr". As long as the permissions are set
correctly, that is no problem. Any attempt to hide that information is at best
"security by obscurity".
Yours,
Laurenz Albe
