Josh Berkus <[EMAIL PROTECTED]> writes:
> Hmmm ... execept we're not requiring even permission on *one* DB in the 
> tablespace are we?

The status-quo-ante was that any user could get the number for any
database and/or any tablespace.  I'm prepared to admit that what I
committed is too strong, but no restriction at all still seems too weak.

> How difficult would it be to require 
> that the requestor have CONNECT on at least one DB in the tablespace?

... in particular, that restriction seems pretty content-free for most
practical layouts.  And it's got interesting security behaviors:
DBA A, by more-or-less innocently allowing some tables in his database B
to be created in tablespace C, might be allowing his unrelated user D to
find out info about some other database E that shares use of C.  I'd
like there to have to be some direct, intended connection of D to E
before D can measure E's size ...

                        regards, tom lane

---------------------------(end of broadcast)---------------------------
TIP 4: Have you searched our list archives?


Reply via email to