Everyone should be able to inspect the security labels of tables/columns via SELECT * FROM diffix.show_labels().
Right now it fails for non-direct users, saying permission denied for schema pg_catalog.

since we're not storing the salt in seclabels, it seems that this table is no longer sensitive, and we can just let those queries through.