Is it possible to revoke usage of pg_catalog for a specific user?
The reason is to secure PostgreSQL. If a user can connect to a database, it
could query pg_class, pg_attribute, pg_proc search for specific tables and
if using dblink, even database passwords...
I just made a test, revoking usage of pg_catalog from PUBLIC, but tables are
still available through "SELECT * FROM pg_class", but not through "SELECT *
FROM pg_catalog.pg_class". I found in manual, where it says pg_catalog is
searched before any schema on search_path...
If schema pg_catalog became blocked, PostgreSQL could be used? Could it be
possible to made queries on allowed schemas and tables? This could be an
item for the wishlist?
Daniel Cristian Cruz
pgsql-admin by date
|Next:||From: gap.mailinglists||Date: 2007-05-09 14:00:14|
|Subject: Copying schemas between databases|
|Previous:||From: Thomas Markus||Date: 2007-05-09 11:50:07|
|Subject: Re: infinite blocking statements in 8.2.3|