> "The \l command should only list databases that the current user is
> authorized for, the \du command should only list users authorized for the
> current database (and perhaps only superusers should get even that much
> information), etc. Perhaps it is possible to set PG to do this, but that
> should probably be the default."
> This is from a PgSQL vs MySQL thread on -general ... how hard would it be
> make it so that a non-superuse user can't do a \l and see everyone's
> databases? Or, when doing a \d in a database you are able to connect to,
> it would only show those tables that you are authorized for?
Well, you can just go SELECT * FROM pg_database; so fixing \l won't do
I too would like to see more security in this respect, but it will be
difficult if not impossible to implement methinks...
In response to
pgsql-hackers by date
|Next:||From: Joe Conway||Date: 2004-03-29 05:49:16|
|Subject: Re: Fuzzy cost comparison to eliminate redundant planning|
|Previous:||From: Marc G. Fournier||Date: 2004-03-29 04:28:34|
|Subject: Increasing security in a shared environment ...|