On Mon, Aug 31, 2015 at 9:04 PM, Magnus Hagander <mag...@hagander.net> wrote: > > > On Sun, Aug 30, 2015 at 5:35 AM, Michael Paquier <michael.paqu...@gmail.com> > wrote: >> >> >> >> On Sun, Aug 30, 2015 at 5:27 AM, Bruce Momjian wrote: >>> >>> I know I am coming in late here, but I know Heroku uses random user >>> names to allow a cluster to have per-user databases without showing >>> external user name details: >>> [...] >>> I can see them having problems with a user being able to see the SSL >>> remote user names of all connected users. >> >> >> Yep, and I can imagine that this is the case of any company managing cloud >> nodes with Postgres embedded, and at least to me that's a real concern. > > > > How is it a concern that a CN field with a random username in it is > visible, when showing the actual random username isn't? That's not very > consistent...
How can you be sure as well that all such deployments would use random CN fields and/or random usernames? We have no guarantee of that as well. -- Michael -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
