Robert Haas wrote:
> On Wed, Jul 22, 2015 at 5:17 PM, Dean Rasheed <dean.a.rash...@gmail.com>
> wrote:
> > There's another issue here though -- just adding filters to the
> > pg_stats view won't prevent a determined user from seeing the contents
> > of the underlying table. For that, the view needs to have the
> > security_barrier property. Arguably the fact that pg_stats isn't a
> > security barrier view is a long-standing information leak allowing
> > users to see values from tables for which they don't have any
> > permissions. Is anyone concerned about that?
>
> Hrm. There's no help for that in the back-branches, but we should
> probably change it in 9.5+.

Perhaps not code-wise, but we could have a release note item suggesting
to run such-and-such command to plug the leak.

-- 
Álvaro Herrera                http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services