* Joe Conway (m...@joeconway.com) wrote: > On 08/26/2015 06:33 AM, Stephen Frost wrote: > > * Joe Conway (m...@joeconway.com) wrote: > >> Issues needing comment: a.) Which items need hiding from > >> non-superusers and should the value be redacted or the entire > >> result set row be suppressed? > > > > I'm of the opinion that we need to at least redact it and that what > > we should do is simply suppress the entire result set until we > > provide a way for administrators to manage who can access it (eg: > > default roles, this one would fall under 'pg_monitor', imo). > > Whatever it is it would have to be available during initdb. And in any > case I'm no closer to knowing which rows to hide/redact/suppress other > than WAL position. Possibly the thing to do for now would be to revoke > public from these?
That was my thinking- revoke public from them. The default roles, based
on the last patch anyway, are available at initdb time and when
system_views.sql is run.
Thanks!
Stehpen
signature.asc
Description: Digital signature
