Skip site navigation (1) Skip section navigation (2)

Re: Increasing security in a shared environment ...

From: Euler Taveira de Oliveira <euler(at)ufgnet(dot)ufg(dot)br>
To: Christopher Kings-Lynne <chriskl(at)familyhealth(dot)com(dot)au>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: Increasing security in a shared environment ...
Date: 2004-03-29 17:08:04
Message-ID: 20040329140804.377fee13.euler@ufgnet.ufg.br (view raw or flat)
Thread:
Lists: pgsql-hackers
Hi Christopher,

> > "The \l command should only list databases that the current user is
> > authorized for, the \du command should only list users authorized for the
> > current database (and perhaps only superusers should get even that much
> > information), etc.  Perhaps it is possible to set PG to do this, but that
> > should probably be the default."
> > 
Seem reasonable. Why not prevent normal users to dig on the pg_catalog? What is the impact of it?

> Well, you can just go SELECT * FROM pg_database;  so fixing \l won't do 
> anything.
> 
> I too would like to see more security in this respect, but it will be 
> difficult if not impossible to implement methinks...
> 
Why is it "impossible"?

-- 
Euler Taveira de Oliveira
euler (at) ufgnet.ufg.br
Desenvolvedor Web e Administrador de Sistemas
UFGNet - Universidade Federal de Goiás

In response to

Responses

pgsql-hackers by date

Next:From: Andrew DunstanDate: 2004-03-29 17:09:01
Subject: Re: Increasing security in a shared environment ...
Previous:From: markwDate: 2004-03-29 16:50:42
Subject: Re: PostgreSQL block size vs. LVM2 stripe width

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group