On 02/17/2016 02:14 PM, Tom Lane wrote: > Peter Eisentraut <pete...@gmx.net> writes: >> On 2/17/16 12:15 PM, Joe Conway wrote: >>> Ok, removed the documentation on the function pg_config() and pushed. > >> I still have my serious doubts about this, especially not even requiring >> superuser access for this information. Could someone explain why we >> need this? > > I thought we'd agreed on requiring superuser access for this function. > I concur that letting just anyone see the config data is inappropriate.
It does not let anyone see config data out of the box: + CREATE VIEW pg_config AS + SELECT * FROM pg_config(); + + REVOKE ALL on pg_config FROM PUBLIC; + REVOKE EXECUTE ON FUNCTION pg_config() FROM PUBLIC; + But it does not have an explicit superuser check. I can add that if that's the consensus. Joe -- Crunchy Data - http://crunchydata.com PostgreSQL Support for Secure Enterprises Consulting, Training, & Open Source Development
Description: OpenPGP digital signature