| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Ian Barwick <barwick(at)gmx(dot)de> |
| Cc: | "Nigel J(dot) Andrews" <nandrews(at)investsystems(dot)co(dot)uk>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Schemas: status report, call for developers |
| Date: | 2002-05-02 22:05:07 |
| Message-ID: | 18643.1020377107@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers pgsql-interfaces |
Ian Barwick <barwick(at)gmx(dot)de> writes:
> i.e. user "joe" can see which objects exist in schema "foo2", even though
> he has no USAGE privilege. (Is this behaviour intended?)
It's open for debate I suppose. Historically we have not worried about
preventing people from looking into the system tables, except for cases
such as pg_statistic where this might expose actual user data.
AFAICS we could only prevent this by making selective views on the
system tables and then prohibiting ordinary users from accessing the
underlying tables directly. I'm not in a big hurry to do that myself,
if only for backward-compatibility reasons.
We still do have the option of separate databases, and I'd be inclined
to tell people to use those if they want airtight separation between
users.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Mark kirkwood | 2002-05-02 22:09:49 | Re: PostgreSQL mission statement? |
| Previous Message | Jason Earl | 2002-05-02 22:01:56 | Re: PostgreSQL mission statement? |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Shawn Stephens - Q Data KZN | 2002-05-03 12:39:20 | libpq interface problem. |
| Previous Message | Jeffrey W. Baker | 2002-05-02 15:43:23 | Re: Schemas: status report, call for developers |