| From: | Tomas Vondra <tomas(dot)vondra(at)2ndquadrant(dot)com> |
|---|---|
| To: | Dean Rasheed <dean(dot)a(dot)rasheed(at)gmail(dot)com> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Stephen Frost <sfrost(at)snowman(dot)net>, Andres Freund <andres(at)anarazel(dot)de>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Multivariate MCV stats can leak data to unprivileged users |
| Date: | 2019-06-15 23:24:28 |
| Message-ID: | 20190615232428.eljebxllgkrxt72b@development |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Thu, Jun 13, 2019 at 07:37:45PM +0200, Tomas Vondra wrote:
> ...
>
>OK, attached are patches fixing the issues reported by you and John
>Naylor, and squashing the parts into just two patches (catalog split and
>pg_stats_ext). Barring objections, I'll push those tomorrow.
>
>I've renamed columns in the _data catalog from 'stx' to 'stxd', which I
>think is appropriate given the "data" in catalog name.
>
>I'm wondering if we should change the examples in SGML docs (say, in
>planstats.sgml) to use the new pg_stats_ext view, instead of querying the
>catalogs directly. I've tried doing that, but I found the results less
>readable than what we currently have (especially for the MCV list, where
>it'd require matching elements in multiple arrays). So I've left this
>unchanged for now.
>
I've pushed those changes, after adding docs for the pg_stats_ext view.
regards
--
Tomas Vondra http://www.2ndQuadrant.com
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Greg Stark | 2019-06-16 00:30:06 | Re: Improve handling of pg_stat_statements handling of bind "IN" variables |
| Previous Message | Tomas Vondra | 2019-06-15 23:22:19 | Re: CREATE STATISTICS documentation bug |