From: | Zeugswetter Andreas SB <ZeugswetterA(at)wien(dot)spardat(dot)at> |
---|---|
To: | "'Bruce Momjian'" <pgman(at)candle(dot)pha(dot)pa(dot)us> |
Cc: | pgsql-hackers(at)postgresql(dot)org |
Subject: | AW: Isn't pg_statistic a security hole? |
Date: | 2001-05-08 08:03:25 |
Message-ID: | 11C1E6749A55D411A9670001FA6879633682B6@sdexcsrv1.f000.d0188.sd.spardat.at |
Lists: | pgsql-hackers |
> > Right now anyone can look in pg_statistic and discover the min/max/most
> > common values of other people's tables. That's not a lot of info, but
> > it might still be more than you want them to find out. And the
> > statistical changes that I'm about to commit will allow a couple dozen
> > values to be exposed, not only three values per column.
> >
> > It seems to me that only superusers should be allowed to read the
> > pg_statistic table. Or am I overreacting? Comments?
>
> You are not overreacting. Imagine a salary column. I can imagine
> max/min being quite interesting.
>
> I doubt it is worth letting non-super users see values in that table.
> Their only value is in debugging the optimizer, which seems like a
> super-user job anyway.

How about letting them see all statistics where they have select permission
on the base table (if that is possible with the new permission table)?

Andreas
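
The filtering proposed in this message, sketched as an added example that is not part of the original post and is not PostgreSQL's own code: direct reads of `pg_statistic` are closed to ordinary users, and a view returns a statistics row only when the caller may SELECT the underlying column. It assumes present-day PostgreSQL catalogs and is run as a superuser; the view name `visible_column_stats` is hypothetical, and only the numeric summary columns are projected, with the sampled-value columns to be gated by the same predicate.

```sql
-- Added illustration; run as a superuser. The view name is hypothetical.

-- 1. Close the direct path: ordinary roles may not read the raw table.
REVOKE ALL ON pg_catalog.pg_statistic FROM PUBLIC;

-- 2. Expose statistics through a view that filters on the caller's rights.
--    The view reads pg_statistic with its owner's privileges, while
--    has_column_privilege() is evaluated for the role running the query,
--    so each caller sees only rows for columns it could SELECT anyway.
--    security_barrier keeps caller-supplied predicates from being
--    evaluated before the privilege filter.
CREATE VIEW public.visible_column_stats
WITH (security_barrier) AS
SELECT n.nspname     AS schemaname,
       c.relname     AS tablename,
       a.attname     AS columnname,
       s.stanullfrac AS null_frac,
       s.stawidth    AS avg_width,
       s.stadistinct AS n_distinct
FROM pg_catalog.pg_statistic s
JOIN pg_catalog.pg_class     c ON c.oid = s.starelid
JOIN pg_catalog.pg_attribute a ON a.attrelid = c.oid
                              AND a.attnum   = s.staattnum
JOIN pg_catalog.pg_namespace n ON n.oid = c.relnamespace
WHERE NOT a.attisdropped
  AND has_column_privilege(c.oid, a.attnum, 'SELECT');

-- 3. Everyone may query the filtered view.
GRANT SELECT ON public.visible_column_stats TO PUBLIC;

-- Check as a non-superuser: a table the role cannot SELECT from (for
-- example one holding a salary column) must contribute no rows here,
-- and a direct read of pg_statistic must fail with "permission denied".
SELECT schemaname, tablename, columnname, n_distinct
FROM public.visible_column_stats
ORDER BY schemaname, tablename, columnname;
```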