Michael Paquier <michael.paquier@gmail.com> writes:
> On Tue, Jun 21, 2016 at 11:29 AM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>> What I would want to know is whether this specific change is actually a
>> good idea. In particular, I'm concerned about the possible security
>> implications of exposing primary_conninfo --- might it not contain a
>> password, for example?
> Yes it could, as a connection string, but we make the information of
> this view only visible to superusers. For the others, that's just
> NULL.
Well, that's okay for now, but I'm curious to hear Stephen Frost's
opinion on this. He's been on the warpath to decrease our dependence
on superuser-ness for protection purposes. Seems to me that having
one column in this view that is a lot more security-sensitive than
the others is likely to be an issue someday.
regards, tom lane