As part of the security fix (e2d4ef8de869c57e3bf270a30c12d48c2ce4e00c), we have restricted the users from accessing the statistics of the table if the user doesn't have privileges on the table and the function is not leakproof. Now, as a side effect of this, if the user has the privileges on the root partitioned table but does not have privilege on the child tables, the user will be able to access the data of the child table but it won't be able to access the statistics of the child table. This may result in a bad plan. I am not sure what should be the fix. Should we allow to access the statistics of the table if a user has privilege on its parent table?
-- Regards, Dilip Kumar EnterpriseDB: http://www.enterprisedb.com
