Re: Default Roles

* Heikki Linnakangas (hlinnaka(at)iki(dot)fi) wrote:
> On 05/13/2015 06:07 AM, Stephen Frost wrote:
> >This does change the XLOG functions to require pg_monitor, as discussed
> >on the other thread where it was pointed out by Heikki that the XLOG
> >location information could be used to extract sensitive information
> >based on what happens during compression.
>
> That seems like an orthogonal issue, not something that should be
> bundled in this patch. IIRC we didn't reach a consensus on what to
> do about the compression-leaks-information issue. One idea was to
> make it configurable on a per-table basis, and if we do that,
> perhaps we don't need to restrict access to
> pg_current_xlog_location() and friends.

Alright, I'll pull it out. I see it's already been added to the
open-items list, so we shouldn't forget about it.

For my 2c, I'd much rather have the information restricted to a
privileged role instead of having to disable the feature. Further, all
tables need to be considered as having privileged information, not just
systems ones like pg_authid, as the user might not have rights on the
other columns or rows in the table.

Thanks!

Stephen