doc: Add note about lack of publication privileges

author Peter Eisentraut <peter@eisentraut.org>

Tue, 1 Nov 2022 13:18:37 +0000 (14:18 +0100)

committer Peter Eisentraut <peter@eisentraut.org>

Tue, 1 Nov 2022 13:19:41 +0000 (14:19 +0100)
author Peter Eisentraut <peter@eisentraut.org>
Tue, 1 Nov 2022 13:18:37 +0000 (14:18 +0100)
committer Peter Eisentraut <peter@eisentraut.org>
Tue, 1 Nov 2022 13:19:41 +0000 (14:19 +0100)
diff --git a/doc/src/sgml/logical-replication.sgml b/doc/src/sgml/logical-replication.sgml

index e98538e540018f60cb544a71dd677f5e7e16ce7c..434bc3118054b828f78ee764d99e78f4f1d6a3fe 100644 (file)
--- a/doc/src/sgml/logical-replication.sgml
+++ b/doc/src/sgml/logical-replication.sgml
@@ -1570,6 +1570,17 @@ CONTEXT:  processing remote data for replication origin "pg_16395" during "INSER
     schema automatically, the user must be a superuser.
    </para>
  
+  <para>
+   There are currently no privileges on publications.  Any subscription (that
+   is able to connect) can access any publication.  Thus, if you intend to
+   hide some information from particular subscribers, such as by using row
+   filters or column lists, or by not adding the whole table to the
+   publication, be aware that other publications in the same database could
+   expose the same information.  Publication privileges might be added to
+   <productname>PostgreSQL</productname> in the future to allow for
+   finer-grained access control.
+  </para>
+
    <para>
     To create a subscription, the user must be a superuser.
    </para>
author	Peter Eisentraut <peter@eisentraut.org>
	Tue, 1 Nov 2022 13:18:37 +0000 (14:18 +0100)
committer	Peter Eisentraut <peter@eisentraut.org>
	Tue, 1 Nov 2022 13:19:41 +0000 (14:19 +0100)