Only show source file and line numbers to superusers, for consistent

security level with other parts of the system.

Per gripe from Tom

diff --git a/src/backend/utils/misc/guc.c b/src/backend/utils/misc/guc.c
index c1a4dde97b2faec52d4c9a6c9c32ebdee9f0911a..c6fda6cc21b2446871dafcfe78297d5f7e9a37e2 100644 (file)
--- a/src/backend/utils/misc/guc.c
+++ b/src/backend/utils/misc/guc.c
@@ -6176,8 +6176,12 @@ GetConfigOptionByNum(int varnum, const char **values, bool *noshow)
                        break;
        }
 
-       /* If the setting came from a config file, set the source location */
-       if (conf->source == PGC_S_FILE)
+       /* 
+        * If the setting came from a config file, set the source location.
+        * For security reasons, we don't show source file/line number for
+        * non-superusers.
+        */
+       if (conf->source == PGC_S_FILE && superuser())
        {
                values[12] = conf->sourcefile;
                snprintf(buffer, sizeof(buffer), "%d", conf->sourceline);