| From: | "Daniel Cristian Cruz" <danielcristian(at)gmail(dot)com> |
|---|---|
| To: | pgsql-admin <pgsql-admin(at)postgresql(dot)org> |
| Subject: | Revoking usage of pg_catalog |
| Date: | 2007-05-09 13:05:21 |
| Message-ID: | 48d0cacb0705090605i4c1c2107s2186c52468e07d46@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
Hi there!
Is it possible to revoke usage of pg_catalog for a specific user?
The reason is to secure PostgreSQL. If a user can connect to a database, it
could query pg_class, pg_attribute, pg_proc search for specific tables and
if using dblink, even database passwords...
I just made a test, revoking usage of pg_catalog from PUBLIC, but tables are
still available through "SELECT * FROM pg_class", but not through "SELECT *
FROM pg_catalog.pg_class". I found in manual, where it says pg_catalog is
searched before any schema on search_path...
If schema pg_catalog became blocked, PostgreSQL could be used? Could it be
possible to made queries on allowed schemas and tables? This could be an
item for the wishlist?
Kind regards,
--
Daniel Cristian Cruz
| From | Date | Subject | |
|---|---|---|---|
| Next Message | gap.mailinglists | 2007-05-09 14:00:14 | Copying schemas between databases |
| Previous Message | Thomas Markus | 2007-05-09 11:50:07 | Re: infinite blocking statements in 8.2.3 |