Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1vJrjD-005yC4-05
	for pgsql-hackers@arkaria.postgresql.org;
	Fri, 14 Nov 2025 11:12:29 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.96)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1vJrjA-005pok-0z
	for pgsql-hackers@arkaria.postgresql.org;
	Fri, 14 Nov 2025 11:12:28 +0000
Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29])
	by malur.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <alvherre@kurilemu.de>)
	id 1vJrj9-005poc-35
	for pgsql-hackers@lists.postgresql.org;
	Fri, 14 Nov 2025 11:12:28 +0000
Received: from fout-b4-smtp.messagingengine.com ([202.12.124.147])
	by magus.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <alvherre@kurilemu.de>)
	id 1vJrj7-007hmT-1w
	for pgsql-hackers@postgresql.org;
	Fri, 14 Nov 2025 11:12:27 +0000
Received: from phl-compute-02.internal (phl-compute-02.internal [10.202.2.42])
	by mailfout.stl.internal (Postfix) with ESMTP id 317B21D000BB;
	Fri, 14 Nov 2025 06:12:24 -0500 (EST)
Received: from phl-mailfrontend-01 ([10.202.2.162])
  by phl-compute-02.internal (MEProxy); Fri, 14 Nov 2025 06:12:24 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kurilemu.de; h=
	cc:cc:content-transfer-encoding:content-type:content-type:date
	:date:from:from:in-reply-to:in-reply-to:message-id:mime-version
	:reply-to:subject:subject:to:to; s=fm2; t=1763118744; x=
	1763205144; bh=KnQtT7NECUGPXNpqwkpRTmwxNMUKgH9IBaWhdFhDtF0=; b=M
	Hih/r844p58fPGsp3eZqpLjKYIqDAkPkKh9W/9O9kiuoAbkNlg7rpf5PbVOL50tH
	YZvLNZz5USaCa2s9tKRbK+MWbXVIWEkDeeSamCS8iIwo+G9cYgfelMhwf3XVf8HR
	CWAUoy7PdHIB2VXM7uaLkZ+EEbwcyC+Q89MuXzRIm+Y5net/LsrNtKc7tpGpO5AG
	fq2O4UbU9eQXrYbsezeZ8scJ3C1rwEzz7CPb4UVBy7TOS+dWqoo27ieOBCHqkMZy
	MHbtr8PDkiQHXKAfrXOnCgWUrYEDipofKqMlqxJh81UIdSkhvJsRrgmu4fgzNFmJ
	SVVEbmMo6ytqx94idg+iA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
	messagingengine.com; h=cc:cc:content-transfer-encoding
	:content-type:content-type:date:date:feedback-id:feedback-id
	:from:from:in-reply-to:in-reply-to:message-id:mime-version
	:reply-to:subject:subject:to:to:x-me-proxy:x-me-sender
	:x-me-sender:x-sasl-enc; s=fm3; t=1763118744; x=1763205144; bh=K
	nQtT7NECUGPXNpqwkpRTmwxNMUKgH9IBaWhdFhDtF0=; b=gmanLhToFJ1GCuDn1
	Hx+7aDexuDoDkAfSNK03NWch1Y5DWqJFv4RL+qwY/XlG57vtn6kn/U16uAHczjrg
	vpsi+UAxnFR+wHv18p772mNI4ywmDZHeFFvRKJegCYdw3vxnQFd3ZImYGAUNe1LY
	b+ZfF43QsGMCaqiPQsVOuwv+XLpd3Gm/ii/60rJxFepCM/7kptsl3dSzwTepwjrK
	hsLUCuHPqg+O7JTiuRBlFpMxZFO3HRD88h7Vhg0TJZorJmv4e71u/RfRGw75PWJL
	3DZ7paYVnsxZRyu0UQ4zvo1lVM7KXo/7hDBLSa29/MfVQgdDVhfIx3EC2q2k7pVf
	05R5Q==
X-ME-Sender: <xms:lw4XaYD4CWggcFG9pltdbUft81u4MsGyIwiPBCXst9Azbn8UBW4n_Q>
    <xme:lw4Xae25GfU-wPILvkEElCcuhF9701z_QSmsg9KH3LO29w6kH95ZorhybXE2GCcKA
    02B2jr9ckR19jTZCNz0ruHyRuqSwMifza-nNq8SyfCCuyBosVSI5g>
X-ME-Received: 
 <xmr:lw4XaavKD0HyGVCXCX_W-U0NncrwEqehn039FI5781kQZSNFrhBuSBf1FSt0y_4ddKKF9xMqiSIhXWA4>
X-ME-Proxy-Cause: 
 gggruggvucftvghtrhhoucdtuddrgeeffedrtdeggddvtdelieejucetufdoteggodetrf
    dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfurfetoffkrfgpnffqhgenuceu
    rghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmnecujf
    gurhepfffhvfevuffkgggtugfgjgesthekredttddtjeenucfhrhhomheplmhlvhgrrhho
    ucfjvghrrhgvrhgruceorghlvhhhvghrrhgvsehkuhhrihhlvghmuhdruggvqeenucggtf
    frrghtthgvrhhnpeetuedvheffkeevgfeuheevteevkefggedttdeufeeuheduuddthfef
    fffhjeefffenucffohhmrghinhepvghnthgvrhhprhhishgvuggsrdgtohhmnecuvehluh
    hsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomheprghlvhhhvghrrhgv
    sehkuhhrihhlvghmuhdruggvpdhnsggprhgtphhtthhopeefpdhmohguvgepshhmthhpoh
    huthdprhgtphhtthhopegrkhhshhgrhidrjhhoshhhihesvghnthgvrhhprhhishgvuggs
    rdgtohhmpdhrtghpthhtohepphhgshhqlhdqhhgrtghkvghrshesphhoshhtghhrvghsqh
    hlrdhorhhgpdhrtghpthhtohepqhhurghniihonhhglhhirghngheshigvrghhrdhnvght
X-ME-Proxy: <xmx:lw4XaW7kRLXNv9wnh08z1muHe1VIgqBubnAF5IQm3VtB0Q41g3CX6A>
    <xmx:lw4XaTIfdkFtwhuBAo_sCnRcjfPHmBCzYdt8WHFhVFVF9nQtYIUOPQ>
    <xmx:lw4Xae63NAbLN6rr8fGZr8aOyBhorjRDnv8Fdeap1eItXZkoRrqpRg>
    <xmx:lw4Xaeyfe1-4DU03JOlsXxTBwIOaWHBHLhdPq8Dzk3mFl7HVmtxOsQ>
    <xmx:mA4XaZbLSBAMOV8VuqdCQfe_0f5ZuM1B4aAeA9KAZeE2K42gJ2F3tUZF>
Feedback-ID: ie3de48e3:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Fri,
 14 Nov 2025 06:12:23 -0500 (EST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kurilemu.de;
	s=schmee; t=1763118741;
	bh=xQr3cctfw2jp9m/u93cVFy9tw2j07Ai1Gi4z+CsF4DE=;
	h=Date:From:To:Cc:Subject:In-Reply-To:From;
	b=VVLnxIB0Hn2J7wx1yZgKojfItWg9LLrrQK0mttb4o7sLB/MRfKWgEVuSsTU/RkSj0
	 VKnJmsd2yEfkPkFbSi69cwlKYBs3RDwOLgJAEXFuGJi4QSh1QInFpTs0GBlIlLSHQv
	 bATslvw7+7bN5kvyAVgB0CiSSrsgCKLGQHtkHNLa/PJwsJ95oGZ7UysKSIF3NeJCZu
	 x78gjDIUyASB///IBEyBG6UNidivUzqJ7TLrQbTsV1giMFhzcibBrtiH2PjC5qfUML
	 hZCrRc33khF4Xke/jl49CNRjstj2/UPV2E5kYXEre0ZTzRJvURSzImpil70tDFf2OZ
	 Ekyt6LjXjy7DA==
Received: by schmee.kurilemu.internal (Postfix, from userid 1000)
	id E880176; Fri, 14 Nov 2025 13:12:21 +0200 (EET)
Date: Fri, 14 Nov 2025 12:12:21 +0100
From: =?utf-8?Q?=C3=81lvaro?= Herrera <alvherre@kurilemu.de>
To: Quan Zongliang <quanzongliang@yeah.net>
Cc: Akshay Joshi <akshay.joshi@enterprisedb.com>,
	pgsql-hackers <pgsql-hackers@postgresql.org>
Subject: Re: [PATCH] Add pg_get_database_ddl() function to reconstruct CREATE
 DATABASE statement
Message-ID: <202511131446.uzn4c25ljmd4@alvherre.pgsql>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <fb7deab9-e413-4e14-ad91-b9749d1648af@yeah.net>
List-Id: <pgsql-hackers.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-hackers@lists.postgresql.org>
List-Owner: <mailto:pgsql-hackers-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-hackers>
Archived-At: 
 <https://www.postgresql.org/message-id/202511131446.uzn4c25ljmd4%40alvherre.pgsql>
Precedence: bulk

On 2025-Nov-13, Quan Zongliang wrote:

> A more specific example. Originally, it was impossible to obtain the
> definition of "testdb" by accessing pg_database:
> 
>   postgres=> SELECT * FROM pg_database WHERE datname='testdb';
>   ERROR:  permission denied for table pg_database

Hmm.  So I was thinking that running things in this mode (where catalog
access is restricted) has never been supported.  But you're right that
we would be opening a hole that we don't have today, because if the
admin closes down permissions on pg_database, then this new function
would be a way to obtain information that the user can't currently
obtain.

My further point was to be that you still need to obtain a list of
database names or OIDs in order to do anything of value.  But it turns
out that this is extremely easy and quick to do, with something like

SELECT i, pg_describe_object('pg_database'::regclass, i, 0)
FROM generate_series(1, 1_000_000) i
WHERE pg_describe_object('pg_database'::regclass, i, 0) IS NOT NULL;

... and with this function, the user could again obtain everything about
the database even when they can't read the catalog directly.

Maybe checking privs for the database being dumped is enough protection
against this -- the equivalent of has_database_privilege( ..., 'CONNECT') 
I suppose.

-- 
Álvaro Herrera         PostgreSQL Developer  —  https://www.EnterpriseDB.com/
"¿Qué importan los años?  Lo que realmente importa es comprobar que
a fin de cuentas la mejor edad de la vida es estar vivo"  (Mafalda)