On Tue, 2023-11-07 at 12:28 -0700, David G. Johnston wrote: > This comes up every so often (including today on Discord) and I keep having > trouble > figuring out where to point people for our official assertion and explanation > for why anyone with a login can view routine bodies, view specifications, and > comments. > > Is this something we just don't want to go into detail within our > documentation, > or just no one has cared enough to write something up (beyond my first draft > back > then) and form it into a patch?
I am not sure if we can and want to document the "why" (this does not really belong into the technical documentation), but the fact that most catalog tables can be read by PUBLIC is worth documenting. Perhaps here: https://www.postgresql.org/docs/current/catalogs.html When people ask my "why?", I tend to answer "why not?". It is not a security problem, in my opinion. Every user is allowed to know that I have a table "purchase" with a column "credit_card_nr". As long as the permissions are set correctly, that is no problem. Any attempt to hide that information is at best "security by obscurity". Yours, Laurenz Albe
