Skip site navigation (1) Skip section navigation (2)

Re: Increasing security in a shared environment ...

From: Christopher Kings-Lynne <chriskl(at)familyhealth(dot)com(dot)au>
To: "Marc G(dot) Fournier" <scrappy(at)postgresql(dot)org>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: Increasing security in a shared environment ...
Date: 2004-03-29 04:46:58
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-hackers
> "The \l command should only list databases that the current user is
> authorized for, the \du command should only list users authorized for the
> current database (and perhaps only superusers should get even that much
> information), etc.  Perhaps it is possible to set PG to do this, but that
> should probably be the default."
> This is from a PgSQL vs MySQL thread on -general ... how hard would it be
> make it so that a non-superuse user can't do a \l and see everyone's
> databases?  Or, when doing a \d in a database you are able to connect to,
> it would only show those tables that you are authorized for?

Well, you can just go SELECT * FROM pg_database;  so fixing \l won't do 

I too would like to see more security in this respect, but it will be 
difficult if not impossible to implement methinks...


In response to


pgsql-hackers by date

Next:From: Joe ConwayDate: 2004-03-29 05:49:16
Subject: Re: Fuzzy cost comparison to eliminate redundant planning
Previous:From: Marc G. FournierDate: 2004-03-29 04:28:34
Subject: Increasing security in a shared environment ...

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group