On Sep 1, 2015 4:37 AM, "Michael Paquier" <michael.paqu...@gmail.com> wrote: > > On Tue, Sep 1, 2015 at 4:23 AM, Peter Eisentraut <pete...@gmx.net> wrote: > > On 8/31/15 9:13 AM, Andres Freund wrote: > >> I'm just saying that we should strive to behave at least somewhat > >> consistently, and change everything at once, not piecemal. Because the > >> latter will not decrease the pain of migrating to a new model in a > >> relevant way while making the system harder to understand. > > > > Well, we already hide a fair chunk of information from pg_stat_activity > > from unprivileged users, including everything related to the connection > > origin of other users. So from that precedent, the entire SSL > > information ought to be considered privileged. > > That being said we may want as well to bite the bullet and to hide > more information in pg_stat_activity, like datname, usename and > application_name, or simply hide completely those tuples for > non-privileged users.
That's likely to break every single monitoring tool ever written for postgresql... We're going to have to do that eventually, but I think we should wait until we have a complete solution (which would be either column permissions, monitoring role, or something like that (or combination thereof)). /Magnus
