On Wed, Jan 25, 2017 at 2:13 PM, Stephen Frost <sfrost@snowman.net> wrote:
> I went over *every* superuser check in the system when I did that work,
> wrote up a long email about why I made the decisions that I did, posted
> it here, had follow-on discussions, all of which lead to the patch which
> ended up going in.
Link to that email? I went back and looked at that thread and didn't
see anything that looked like a general policy statement to me. But I
may have missed it.
> I am not anxious to revisit that decision and certainly not based on
> an argument that, so far, boils down to "I think a monitoring system
> might be able to use this function that allows it to read pg_authid
> directly, so we should drop the superuser() check in it."
Well, I'm not eager to revisit all the decisions you'd like to
overturn either, but we'll just both have to cope. I assume we're
both coming at these issues with the intention of making PostgreSQL
better; the fact that we don't always agree on everything is probably
inevitable.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company