Re: Catalog Security WAS: Views, views, views: Summary

>>Tom mentioned that he had not had these security concerns raised before. From
>>my point of view I just have no idea about the level of information offered
>>to any given user and am scared to run PostgreSQL in an ISP shared
>>environment because of it. I am sure I can secure people from connecting to
>>a db by refusing them access in pg_hba.conf. But I'm unsure of exactly what
>>that buys me, and what is doesn't.
>
> It's certainly also a concern of mine that any given use can see every
> table in the database. I see that as a definite problem and just
> assumed it was already on the radar and something that was planned to be
> fixed. It astounds me that the claim is that such security is
> impossible.
>
> It bothers me a great deal that I can't control very easily what a given
> user can see when they connect over ODBC or via phppgadmin in terms of
> schemas, tables and columns. I fixed this in application code in
> phppgadmin but that's clearly insufficient since it doesn't do anything
> for the other access methods.

Modifiying phpPgAdmin is useless - people can query the catalogs manually.

Hackers - we get an email about information hiding in shared
postgresql/phppgadmin installations at least once a fortnight :)

Chris