Skip site navigation (1) Skip section navigation (2)

Increasing security in a shared environment ...

From: "Marc G(dot) Fournier" <scrappy(at)postgresql(dot)org>
To: pgsql-hackers(at)postgresql(dot)org
Subject: Increasing security in a shared environment ...
Date: 2004-03-29 04:28:34
Message-ID: 20040329002443.N51637@ganymede.hub.org (view raw or flat)
Thread:
Lists: pgsql-hackers
How hard would it be to add this:

"The \l command should only list databases that the current user is
authorized for, the \du command should only list users authorized for the
current database (and perhaps only superusers should get even that much
information), etc.  Perhaps it is possible to set PG to do this, but that
should probably be the default."

This is from a PgSQL vs MySQL thread on -general ... how hard would it be
make it so that a non-superuse user can't do a \l and see everyone's
databases?  Or, when doing a \d in a database you are able to connect to,
it would only show those tables that you are authorized for?


----
Marc G. Fournier           Hub.Org Networking Services (http://www.hub.org)
Email: scrappy(at)hub(dot)org           Yahoo!: yscrappy              ICQ: 7615664

Responses

pgsql-hackers by date

Next:From: Christopher Kings-LynneDate: 2004-03-29 04:46:58
Subject: Re: Increasing security in a shared environment ...
Previous:From: Neil ConwayDate: 2004-03-29 02:03:01
Subject: Re: Fuzzy cost comparison to eliminate redundant planning

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group