On 2019-02-12 07:40, Michael Paquier wrote: > On Thu, Feb 07, 2019 at 09:30:38AM +0100, Peter Eisentraut wrote: >> If so, is there anything in that view that should be made available to >> non-superusers? If not, then we could perhaps do this via a simple >> permission change instead of going the route of blanking out individual >> columns. > > Hm. It looks sensible to move to a per-permission approach for that > view. Now, pg_stat_get_activity() is not really actually restricted, > and would still return the information on direct calls, so the idea > would be to split the SSL-related data into its own function?
We could remove default privileges from pg_stat_get_activity(). Would that be a problem? -- Peter Eisentraut http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
