I wrote: >>>> One thing that I worried about for a little bit is that you can imagine >>>> privilege-escalation scenarios.
> A conservative approach would be to report the query texts *only* in the > server log and never to the client --- this would need a bit of klugery > but seems doable. Anybody have any opinions about changing this or sticking with the behavior as-submitted? It doesn't seem like an open-and-shut issue to me. If we report the query texts only to the server log, we could remove all restrictions on which users' queries would be reported. That would clearly be helpful in some cases. On the other hand, it would clearly be less convenient to use than the existing approach that sends information to the client. I'm not real excited about adding still another wart to ereport() to make this possible, either. Comments welcome. regards, tom lane - Sent via pgsql-patches mailing list (pgsql-patches@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-patches