Re: Isn't pg_statistic a security hole?

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: Isn't pg_statistic a security hole?
Date: 2001-05-07 22:54:21
Message-ID: 23526.989276061@sss.pgh.pa.us
Lists: pgsql-hackers

Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
>> It seems to me that only superusers should be allowed to read the
>> pg_statistic table. Or am I overreacting? Comments?

> You are not overreacting. Imagine a salary column. I can imagine
> max/min being quite interesting.

A fine example, indeed ;-)

> I doubt it is worth letting non-super users see values in that table.
> Their only value is in debugging the optimizer, which seems like a
> super-user job anyway.

Well, mumble. I routinely ask people who're complaining of bad plans
for extracts from their pg_statistic table. I don't foresee that need
vanishing any time soon :-(. The idea of a view seemed nice, in part
because it could be set up to give all the useful info with a simple

select * from pg_statview where relname = 'foo';

rather than the messy three-way join you have to type now.

regards, tom lane
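One way to get the convenient view Tom describes while also closing the hole Bruce points out, as an added example that is not from this thread and not the PostgreSQL project's own catalog definition: take the raw table away from ordinary users and expose the statistics through a view that only returns rows for tables the caller could SELECT from anyway, so the min/max of a salary column is visible only to someone who could already read the salaries. The join keys (starelid, staattnum) and the statistics columns (stanullfrac, stacommonfrac, stacommonval, staloval, stahival) are the pg_statistic layout of the 7.0/7.1 era this mail dates from; has_table_privilege() is assumed to be available (it arrived in a later release, so on 7.1 this filter would need another mechanism), and pg_statview is simply the name used in the mail.

```sql
-- Added example; assumes the 7.0/7.1 pg_statistic column layout and
-- a has_table_privilege() function (present from 7.2 onwards).

-- 1. Only superusers (who bypass ACL checks) may read the raw table.
REVOKE ALL ON pg_statistic FROM PUBLIC;

-- 2. A superuser-owned view over the "messy three-way join".  Views run
--    with their owner's privileges, so the view can still read
--    pg_statistic after the REVOKE above; the WHERE clause is what keeps
--    it from leaking the most-common value, low value and high value of
--    columns the caller is not allowed to see.
CREATE VIEW pg_statview AS
SELECT c.relname,
       a.attname,
       s.stanullfrac,       -- fraction of NULLs
       s.stacommonfrac,     -- frequency of the most common value
       s.stacommonval,      -- most common value
       s.staloval,          -- lowest value seen by VACUUM ANALYZE
       s.stahival           -- highest value seen by VACUUM ANALYZE
  FROM pg_statistic s
  JOIN pg_class     c ON c.oid = s.starelid
  JOIN pg_attribute a ON a.attrelid = s.starelid
                     AND a.attnum   = s.staattnum
 WHERE has_table_privilege(c.oid, 'select');

-- Everyone may query the view; the privilege check inside it decides
-- which rows they actually get.
GRANT SELECT ON pg_statview TO PUBLIC;

-- The one-liner from the mail, usable when asking someone for the
-- statistics behind a bad plan:
SELECT * FROM pg_statview WHERE relname = 'foo';
```

With this in place a user who has no SELECT right on a table gets an empty result for it rather than an error, which is the behaviour you want from a debugging aid: the people asked to paste their statistics can still do so for their own tables, while the raw catalog stays superuser-only. Later PostgreSQL releases ship a pg_stats view built on the same idea, filtering per column with has_column_privilege() instead of per table.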
