| From: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
|---|---|
| To: | Lou Picciano <LouPicciano(at)comcast(dot)net>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Bruce Momjian <bruce(at)momjian(dot)us>, Kyotaro HORIGUCHI <horiguchi(dot)kyotaro(at)lab(dot)ntt(dot)co(dot)jp>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: pg_stat_ssl additions |
| Date: | 2018-12-01 13:41:42 |
| Message-ID: | 1b84688b-92c0-27fb-eba5-975ab2c45574@2ndquadrant.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Updated patch with the renamed columns.
On 29/11/2018 14:49, Peter Eisentraut wrote:
> On 29/11/2018 01:27, Lou Picciano wrote:
>> Further, I’m not sure exposing details about Cert Issuer, etc. to
>> non-privileged users is much of an issue. For the most part, in most use
>> cases, ‘users’ should//would/ want to know what entity is the issuer. If
>> we’re talking about client certs, most of this is readily readable
>> anyway, no?
>
> The debate is whether an unprivileged user should be able to read the
> SSL information of *other* users' connections.
>
> My opinion is no.
I propose to address this as a separate patch later on.
--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
| Attachment | Content-Type | Size |
|---|---|---|
| v3-0001-doc-Add-link-from-sslinfo-to-pg_stat_ssl.patch | text/plain | 941 bytes |
| v3-0002-Add-tests-for-pg_stat_ssl-system-view.patch | text/plain | 1.7 KB |
| v3-0003-Fix-pg_stat_ssl.clientdn.patch | text/plain | 1.7 KB |
| v3-0004-Add-more-columns-to-pg_stat_ssl.patch | text/plain | 14.6 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2018-12-01 17:06:36 | Re: Bug fix for glibc broke freebsd build in REL_11_STABLE |
| Previous Message | Amit Kapila | 2018-12-01 13:39:02 | Re: Inadequate executor locking of indexes |