I wrote:
>>>> One thing that I worried about for a little bit is that you can imagine
>>>> privilege-escalation scenarios.

> A conservative approach would be to report the query texts *only* in the
> server log and never to the client --- this would need a bit of klugery
> but seems doable.

Anybody have any opinions about changing this or sticking with the
behavior as-submitted?  It doesn't seem like an open-and-shut issue
to me.

If we report the query texts only to the server log, we could remove all
restrictions on which users' queries would be reported.  That would
clearly be helpful in some cases.  On the other hand, it would clearly
be less convenient to use than the existing approach that sends
information to the client.  I'm not real excited about adding still
another wart to ereport() to make this possible, either.

Comments welcome.

                        regards, tom lane

Sent via pgsql-patches mailing list (pgsql-patches@postgresql.org)
To make changes to your subscription:

Reply via email to