Tom Lane wrote:
Neil Conway <[EMAIL PROTECTED]> writes:
I don't know which platforms it is secure/insecure on, but I can
certainly imagine secure systems where ps(1) data in general is viewed
as sensitive and thus not made globally visible.
It's imaginable, but can you point to any real examples?
FreeBSD's MAC (security.mac.seeotheruids.enabled sysctl) and the
Openwall Linux kernel patch are the first examples I found, but I didn't
spend long searching.
I don't think there is sufficient justification for removing this
feature and breaking users of a stable release series.
"Breaking" obviously-insecure usages is exactly the intention.
But it's not "obviously-insecure". In some situations it is perfectly
secure (or security isn't important), but there are better alternatives
(e.g. using trust authentication, as you suggest).
-Neil
---------------------------(end of broadcast)---------------------------
TIP 9: the planner will ignore your desire to choose an index scan if your
joining column's datatypes do not match
