Re: Application name patch - v4
Tom Lane <tgl@sss.pgh.pa.us>
From: Tom Lane <tgl@sss.pgh.pa.us>
To: Dave Page <dpage@pgadmin.org>
Cc: PostgreSQL Hackers <pgsql-hackers@postgresql.org>
Date: 2009-11-29T17:22:31Z
Lists: pgsql-hackers
Dave Page <dpage@pgadmin.org> writes: > On Sat, Nov 28, 2009 at 11:47 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote: >> 1. The patch prevents non-superusers from seeing other users' >> application names in pg_stat_activity. This seems at best pretty >> debatable to me. Yes, it supports usages in which you want to put >> security-sensitive information into the appname, but at the cost of >> disabling (perfectly reasonable) usages where you don't. If we made >> the app name universally visible, people simply wouldn't put security >> sensitive info in it, the same as they don't put it on the command line. >> Should we change this? > Uh, yeah, I guess. That wasn't a concious decision, more a copy n > paste inherited 'feature'. OK. Everybody seems to agree it should not be hidden, so I'll go change that. >> 2. I am wondering if we should mark application_name as >> GUC_NO_RESET_ALL. > I think we should use GUC_NO_RESET_ALL. I agree with you, but it seems we have at least as many votes to not do that. Any other votes out there? regards, tom lane