Josh Berkus <[EMAIL PROTECTED]> writes: >> pgrowlocks tells you about row lock states, which maybe is not that >> interesting for security, but still it's information that one wouldn't >> expect to be exposed to someone who isn't allowed to read the table. >> I suppose knowing the number of live tuples might in itself be >> sensitive information.
> Here I think the advantage of being able to run this as a non-superuser > (and thus not have the superuser password on the client machine) outweighs > any data which can be reverse-engineered from the lock information. I have no objection to knocking this down to demanding only SELECT privs on the table. It's hard to think that it is OK to be totally unsecured. > Hmmm, we can't really require anything greater than SELECT permission for > dbsize. That's OK for individual tables, but we have no equivalent concept for whole databases or tablespaces. What do you propose for them? regards, tom lane ---------------------------(end of broadcast)--------------------------- TIP 4: Have you searched our list archives? http://archives.postgresql.org