On Sun, Jan 17, 2016 at 12:27 AM, Robert Haas <robertmh...@gmail.com> wrote: > On Jan 16, 2016, at 9:08 AM, Michael Paquier <michael.paqu...@gmail.com> > wrote: >> Just forgot to mention that those new functions should be superuser-only. > > I think nobody should ever say this without explaining why. Superuser > restrictions are necessary in some cases, but the fewer of them we have, the > better.
The pg_config functions are giving away information about the system itself, isn't that potentially sensible? The pg_controdata ones show up information about checkpoint, recovery etc. There are a couple of fields that could be made completely visible, like the information defined when running initdb or how the code is compiled like block size (not the system ID), but we surely do not want to give away checkpoint and recovery information. -- Michael -- Sent via pgsql-hackers mailing list (email@example.com) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers