public inbox for [email protected]
help / color / mirror / Atom feedFrom: Tom Lane <[email protected]>
To: Daniel Gustafsson <[email protected]>
Cc: Antonin Houska <[email protected]>
Cc: PostgreSQL Hackers <[email protected]>
Subject: Re: Incorrect comment on pg_shadow view
Date: Fri, 18 Oct 2024 10:22:32 -0400
Message-ID: <[email protected]> (raw)
In-Reply-To: <[email protected]>
References: <31926.1729252247@antos>
<[email protected]>
Daniel Gustafsson <[email protected]> writes:
>> On 18 Oct 2024, at 13:50, Antonin Houska <[email protected]> wrote:
>> Attached is a proposal to fix a comment in pg_authid.h. pg_shadow is not (and
>> obviously should not be) accessible by public:
> - * pg_shadow and pg_group are now publicly accessible views on pg_authid.
> + * pg_shadow and pg_group are now views on pg_authid.
> I'm no native speaker but I don't interpret "publicly accessible" as readable
> by the public role, rather that they are accessible via a user interface (in
> this case SQL).
I think Antonin is right. pg_authid is just as accessible from SQL as
these views are. Also note the phrasing in the SGML documentation of
pg_shadow [1]:
The name stems from the fact that this table should not be
readable by the public since it contains passwords. pg_user is a
publicly readable view on pg_shadow that blanks out the password
field.
regards, tom lane
[1] https://www.postgresql.org/docs/devel/view-pg-shadow.html
view thread (3+ messages)
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected], [email protected]
Subject: Re: Incorrect comment on pg_shadow view
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox