restrict pg_stat_ssl to superuser?

Peter Eisentraut <peter.eisentraut@2ndquadrant.com>

From: Peter Eisentraut <peter.eisentraut@2ndquadrant.com>
To: pgsql-hackers <pgsql-hackers@postgresql.org>
Date: 2019-02-07T08:30:38Z
Lists: pgsql-hackers
As discussed in [0], should we restrict access to pg_stat_ssl to
superusers (and an appropriate pg_ role)?

If so, is there anything in that view that should be made available to
non-superusers?  If not, then we could perhaps do this via a simple
permission change instead of going the route of blanking out individual
columns.


[0]:
<https://www.postgresql.org/message-id/flat/398754d8-6bb5-c5cf-e7b8-22e5f0983caf@2ndquadrant.com>

-- 
Peter Eisentraut              http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services


Commits

  1. Hide other user's pg_stat_ssl rows

  2. doc: Add security information about pg_stat_activity