| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Stephen Frost <sfrost(at)snowman(dot)net> |
| Cc: | Craig Ringer <craig(at)2ndquadrant(dot)com>, Heikki Linnakangas <hlinnakangas(at)vmware(dot)com>, Harold Giménez <harold(at)heroku(dot)com>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: proposal: hide application_name from other users |
| Date: | 2014-01-21 15:25:38 |
| Message-ID: | 27422.1390317938@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Stephen Frost <sfrost(at)snowman(dot)net> writes:
> * Craig Ringer (craig(at)2ndquadrant(dot)com) wrote:
>> If you want control over visibility of application_name, it should be
>> done with a column privilige granted to a system role, or something like
>> that - so the ability to see it can be given to "public" on default
>> (thus not breaking BC) and if it's revoked from "public", given to roles
>> that need to see it.
> I agree with this- individuals should be able to control access to this
> information for their databases/clusters.
I think that'd be much more complexity than the case justifies. The
argument that application_name might contain sensitive information seems
ludicrously weak to me: whatever a client is exposing as application_name
is its own darn choice. If you don't like it, go fix the client.
If there is some client library that sets application_name without
allowing the choice to be overridden, then that's a problem with that
library, not with the server's behavior.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Marti Raudsepp | 2014-01-21 15:27:21 | Re: improve the help message about psql -F |
| Previous Message | Andres Freund | 2014-01-21 15:21:49 | Re: better atomics - v0.2 |