Re: Information of pg_stat_ssl visible to all users

On Sep 1, 2015 4:37 AM, "Michael Paquier" <michael(dot)paquier(at)gmail(dot)com> wrote:
>
> On Tue, Sep 1, 2015 at 4:23 AM, Peter Eisentraut <peter_e(at)gmx(dot)net> wrote:
> > On 8/31/15 9:13 AM, Andres Freund wrote:
> >> I'm just saying that we should strive to behave at least somewhat
> >> consistently, and change everything at once, not piecemal. Because the
> >> latter will not decrease the pain of migrating to a new model in a
> >> relevant way while making the system harder to understand.
> >
> > Well, we already hide a fair chunk of information from pg_stat_activity
> > from unprivileged users, including everything related to the connection
> > origin of other users. So from that precedent, the entire SSL
> > information ought to be considered privileged.
>
> That being said we may want as well to bite the bullet and to hide
> more information in pg_stat_activity, like datname, usename and
> application_name, or simply hide completely those tuples for
> non-privileged users.

That's likely to break every single monitoring tool ever written for
postgresql...

We're going to have to do that eventually, but I think we should wait until
we have a complete solution (which would be either column permissions,
monitoring role, or something like that (or combination thereof)).

/Magnus