| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Christoph Dalitz <christoph(dot)dalitz(at)hs-niederrhein(dot)de> |
| Cc: | Jochem van Dieten <jochemd(at)oli(dot)tudelft(dot)nl>, pgsql-general(at)postgresql(dot)org |
| Subject: | Re: USAGE on schema allowed by default? |
| Date: | 2002-12-02 15:16:34 |
| Message-ID: | 18461.1038842194@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-hackers |
Christoph Dalitz <christoph(dot)dalitz(at)hs-niederrhein(dot)de> writes:
>> I agree that this isn't completely ideal, but I stand by my comment that
>> it's not worth breaking every client that looks at system catalogs in
>> order to prevent it.
>>
> What about [ hiding the real catalogs behind views ]
A good solution would need more than that. For example, something I've
heard repeatedly is that people would like to hide the source code of
their SQL or PLxxx functions from users who are nonetheless allowed to
call those functions. A row-wise selective view of pg_proc can't fix
that. In many cases it's less than clear which rows of which catalogs
to hide anyway.
Ultimately, if you don't want other people to see any of your catalog
information, you shouldn't let 'em into your database. There's still
the option of setting up distinct databases.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Uro Gruber | 2002-12-02 15:25:58 | deny list databases |
| Previous Message | Uroš Gruber | 2002-12-02 15:13:21 | deny list databases |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jeroen T. Vermeulen | 2002-12-02 15:20:59 | 7.3: Change in cursor behaviour? |
| Previous Message | Prasanna Phadke | 2002-12-02 13:00:34 | Re: 7.4 Wishlist |