On Mon, Aug 27, 2007 at 11:59:05AM -0700, Joshua D. Drake wrote:
> Hash: SHA1
> Decibel! wrote:
> > On Mon, Aug 27, 2007 at 08:08:34AM -0700, Joshua D. Drake wrote:
> >> This is a problem. Our analytics software purposefully does not use a
> >> super user, you are going to force the use of superusers with admin and
> >> monitoring tools.
> >  
> > Well, you could always create a wrapper function that is SECURITY
> > DEFINER...
> Well from my perspective, it is nice that we don't have to install
> anything except a non privileged user to get what we need.
> Really, if we change this we might as well also block all access to
> information_schema, the net effect is the same.

Info_schema should be checking permissions the same as, say, \d does.

What I think we *really* need is a set of views for people to use that
have appropriate security, instead of using pg_catalog directly.
Decibel!, aka Jim Nasby                        [EMAIL PROTECTED]
EnterpriseDB      http://enterprisedb.com      512.569.9461 (cell)

Attachment: pgpY533aesdWt.pgp
Description: PGP signature

Reply via email to