Currently, system catalogs (pg_*) are assumed to be readable by anyone if
the privileges are NULL, as opposed to ordinary tables, which assume only
owner access if the privileges are NULL.
I'm currently working on privileges for functions (see also Nov. 13
message, which apparently stunned everyone into silence), which will need
some sort of similar arrangement, only there's no obvious way to find out
if a function is a "system function".
I think the best solution would be to drop the pg_* exception and
explicitly grant the right privileges to each table and function in
initdb.
Objections?
--
Peter Eisentraut peter_e@gmx.net