* Stephen Frost (sfr...@snowman.net) wrote: > > --- a/src/backend/catalog/system_views.sql > > +++ b/src/backend/catalog/system_views.sql > > @@ -414,6 +414,11 @@ CREATE RULE pg_settings_n AS > > > > GRANT SELECT, UPDATE ON pg_settings TO PUBLIC; > > > > +CREATE VIEW pg_file_settings AS > > + SELECT * FROM pg_show_all_file_settings() AS A; > > + > > +REVOKE ALL on pg_file_settings FROM public; > > +
Err, and further, I realize that you're not actually changing the permissions on the actual function at all, which means that they're the default which is "executable by anyone." This will also need a REVOKE EXECUTE on pg_show_all_file_settings() FROM public; Or someone could simply run the function instead of using the view to see the data returned. Thanks, Stephen
signature.asc
Description: Digital signature