On Tue, Sep 1, 2015 at 4:23 AM, Peter Eisentraut <pete...@gmx.net> wrote: > On 8/31/15 9:13 AM, Andres Freund wrote: >> I'm just saying that we should strive to behave at least somewhat >> consistently, and change everything at once, not piecemal. Because the >> latter will not decrease the pain of migrating to a new model in a >> relevant way while making the system harder to understand. > > Well, we already hide a fair chunk of information from pg_stat_activity > from unprivileged users, including everything related to the connection > origin of other users. So from that precedent, the entire SSL > information ought to be considered privileged.
That being said we may want as well to bite the bullet and to hide more information in pg_stat_activity, like datname, usename and application_name, or simply hide completely those tuples for non-privileged users. -- Michael -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers