> We go to some lengths to prevent non-superusers from examining
> data_directory and other values that would tell them exactly where the
> PG data directory is in the server's filesystem. The recently applied
> patch to expose full pathnames of GUC variables' source files blows a
> hole a mile wide in that.
>
> Possible answers: don't show the path, only the file name; or
> show sourcefile/sourceline as NULL to non-superusers.
My vote goes for showing it as NULL to non-superusers. If we remove the
path, that makes it pretty darn useless for admin tools - which was the
main reason it was added in the first place..
And "showing full path for superuser, just filename for non-superusers"
just seems to be way too ugly to consider :-)
//Magnus
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
No comments:
Post a Comment