Re: Increasing security in a shared environment ...

From: "Dave Page" <dpage(at)vale-housing(dot)co(dot)uk>
To: <euler(at)ufgnet(dot)ufg(dot)br>
Cc: <chriskl(at)familyhealth(dot)com(dot)au>, <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Increasing security in a shared environment ...
Date: 2004-03-29 18:11:13
Message-ID: 50000.80.177.99.193.1080583873.squirrel@ssl.vale-housing.co.uk
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

It's rumoured that Euler Taveira de Oliveira once said:
> Hi Christopher,
>
>> > "The \l command should only list databases that the current user is
>> > authorized for, the \du command should only list users authorized
>> > for the current database (and perhaps only superusers should get
>> > even that much information), etc. Perhaps it is possible to set PG
>> > to do this, but that should probably be the default."
>> >
> Seem reasonable. Why not prevent normal users to dig on the pg_catalog?
> What is the impact of it?

Because they can't use tools like pgAdmin or phpPgAdmin unless they can at
least read all the catalogs.
Regards, Dave

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Tom Lane 2004-03-29 18:16:25 Re: Increasing security in a shared environment ...
Previous Message Marc G. Fournier 2004-03-29 17:20:59 Re: Increasing security in a shared environment ...