| From: | "Marc G(dot) Fournier" <scrappy(at)postgresql(dot)org> |
|---|---|
| To: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Increasing security in a shared environment ... |
| Date: | 2004-03-29 04:28:34 |
| Message-ID: | 20040329002443.N51637@ganymede.hub.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
How hard would it be to add this:
"The \l command should only list databases that the current user is
authorized for, the \du command should only list users authorized for the
current database (and perhaps only superusers should get even that much
information), etc. Perhaps it is possible to set PG to do this, but that
should probably be the default."
This is from a PgSQL vs MySQL thread on -general ... how hard would it be
make it so that a non-superuse user can't do a \l and see everyone's
databases? Or, when doing a \d in a database you are able to connect to,
it would only show those tables that you are authorized for?
----
Marc G. Fournier Hub.Org Networking Services (http://www.hub.org)
Email: scrappy(at)hub(dot)org Yahoo!: yscrappy ICQ: 7615664
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Christopher Kings-Lynne | 2004-03-29 04:46:58 | Re: Increasing security in a shared environment ... |
| Previous Message | Neil Conway | 2004-03-29 02:03:01 | Re: Fuzzy cost comparison to eliminate redundant planning |