| From: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
|---|---|
| To: | Bruce Momjian <bruce(at)momjian(dot)us> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Andres Freund <andres(at)anarazel(dot)de>, Peter Eisentraut <peter_e(at)gmx(dot)net>, Magnus Hagander <magnus(at)hagander(dot)net>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Information of pg_stat_ssl visible to all users |
| Date: | 2015-08-30 03:35:56 |
| Message-ID: | CAB7nPqQA9kwX-sC1xkYdf_oVezLE=LN+Q6ZmbTyrgyQPCopOMg@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Sun, Aug 30, 2015 at 5:27 AM, Bruce Momjian wrote:
> I know I am coming in late here, but I know Heroku uses random user
> names to allow a cluster to have per-user databases without showing
> external user name details:
> [...]
> I can see them having problems with a user being able to see the SSL
> remote user names of all connected users.
>
Yep, and I can imagine that this is the case of any company managing cloud
nodes with Postgres embedded, and at least to me that's a real concern.
--
Michael
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David Rowley | 2015-08-30 04:06:19 | Re: Minor code improvements to create_foreignscan_plan/ExecInitForeignScan |
| Previous Message | Andrew Dunstan | 2015-08-30 02:57:49 | Re: to_json(NULL) should to return JSON null instead NULL |