On Mon, Aug 27, 2007 at 11:59:05AM -0700, Joshua D. Drake wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Decibel! wrote: > > On Mon, Aug 27, 2007 at 08:08:34AM -0700, Joshua D. Drake wrote: > > >> This is a problem. Our analytics software purposefully does not use a > >> super user, you are going to force the use of superusers with admin and > >> monitoring tools. > > > > Well, you could always create a wrapper function that is SECURITY > > DEFINER... > > Well from my perspective, it is nice that we don't have to install > anything except a non privileged user to get what we need. > > Really, if we change this we might as well also block all access to > information_schema, the net effect is the same.
Info_schema should be checking permissions the same as, say, \d does. What I think we *really* need is a set of views for people to use that have appropriate security, instead of using pg_catalog directly. -- Decibel!, aka Jim Nasby [EMAIL PROTECTED] EnterpriseDB http://enterprisedb.com 512.569.9461 (cell)
Description: PGP signature