In prior versions of Postgres, it has never been possible to remotely find out the data directory location being used by the postmaster (at least not without hacking some C code, which only superusers may do).
You can make about equally good arguments that this is a bug or that it's a feature: BUG: it would be handy to be able to find that out remotely, especially when you are admin for many postmasters and have forgotten which is which. FEATURE: ordinary users should not need to know this, and knowing it might aid blackhat users in attacking the server. As of CVS tip, if you are using the config-file-location-changing features, anybody can find out the data directory location via "show pgdata"; and they can find out where you put the secondary config files too, if it's not default. So we now have either a feature or a bug. If you consider it a feature then it's incomplete: it would be handy for "show pgdata" to tell the truth all the time, whether you'd set the path in postgresql.conf or not. Ditto for the config filename variables. If you consider it a bug then CVS tip has a potential security vulnerability that was never there before. I am sort of on the fence about this. I am thinking that it would be good to expose this information, but *only* to superusers. It would not take much code to add a GUC variable flag bit that prevents non-superusers from examining the value of the GUC variable, and only a little more code to reflect the correct paths into these variables all the time. Comments, objections, better ideas? If I hear no objection I'll make it work that way. regards, tom lane ---------------------------(end of broadcast)--------------------------- TIP 2: you can get off all lists at once with the unregister command (send "unregister YourEmailAddressHere" to [EMAIL PROTECTED])