> > Right now anyone can look in pg_statistic and discover the min/max/most
> > common values of other people's tables. That's not a lot of info, but
> > it might still be more than you want them to find out. And the
> > statistical changes that I'm about to commit will allow a couple dozen
> > values to be exposed, not only three values per column.
> >
> > It seems to me that only superusers should be allowed to read the
> > pg_statistic table. Or am I overreacting? Comments?
>
> You are not overreacting. Imagine a salary column. I can imagine
> max/min being quite interesting.
>
> I doubt it is worth letting non-super users see values in that table.
> Their only value is in debugging the optimizer, which seems like a
> super-user job anyway.
How about letting them see all statistics where they have select permission
on the base table (if that is possible with the new permission table) ?
Andreas