| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Craig Ringer <craig(at)2ndquadrant(dot)com> |
| Cc: | Heikki Linnakangas <hlinnakangas(at)vmware(dot)com>, Harold Giménez <harold(at)heroku(dot)com>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: proposal: hide application_name from other users |
| Date: | 2014-01-21 12:12:03 |
| Message-ID: | 20140121121203.GN31026@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
* Craig Ringer (craig(at)2ndquadrant(dot)com) wrote:
> It also means that monitoring tools must run as superuser to see
> information they require, which to me is a total showstopper.
We've already got *far* too much of that going on for my taste. I'd
love to see a comprehensive solution to this problem which allows
monitoring systems to run w/o superuser privileges.
> If you want control over visibility of application_name, it should be
> done with a column privilige granted to a system role, or something like
> that - so the ability to see it can be given to "public" on default
> (thus not breaking BC) and if it's revoked from "public", given to roles
> that need to see it.
I agree with this- individuals should be able to control access to this
information for their databases/clusters.
Thanks,
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alexander Korotkov | 2014-01-21 12:28:48 | Re: GIN improvements part 1: additional information |
| Previous Message | Marko Kreen | 2014-01-21 12:07:51 | Re: Fix memset usage in pgcrypto |