On Fri, Mar 14, 2014 at 12:30 AM, Prabakaran, Vaishnavi
<vaishna...@fast.au.fujitsu.com> wrote:
> Hi,
>
> In connection to my previous proposal about "providing catalog view to
> pg_hba.conf file contents" , I have developed the attached patch .
>
[...]
>
> [What this Patch does]
>
> Functionality of the attached patch is that it will provide a new view
> "pg_hba_settings" to admin users. Public access to the view is restricted.
> This view will display basic information about HBA setting details of
> postgresql cluster.  Information to be shown , is taken from parsed hba
> lines and not directly read from pg_hba.conf files. Documentation files are
> also updated to include details of this new view under "Chapter 47.System
> Catalogs". Also , a new note is added in "chapter 19.1 The pg_hba.conf File"
>

A normal user can see all the info the view provide once you GRANT
permissions on it. How much info should a non-superuser see from this
view? currently a non-superuser can't see pg_hba info, now it can.

This function should be superuser only or only show info related for
current_user if it user is not superuser.

Also, i think you should use lowercase values just they are in
pg_hba.conf (ie: local not Local, host not Host, etc)

-- 
Jaime Casanova         www.2ndQuadrant.com
Professional PostgreSQL: Soporte 24x7 y capacitaciĆ³n
Phone: +593 4 5107566         Cell: +593 987171157


-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

Reply via email to