| From: | "Merlin Moncure" <merlin(dot)moncure(at)rcsonline(dot)com> |
|---|---|
| To: | "Dave Page" <dpage(at)vale-housing(dot)co(dot)uk> |
| Cc: | <pgadmin-hackers(at)postgresql(dot)org> |
| Subject: | Re: prevent users from seeing pl/pgsql code in pgadmin |
| Date: | 2005-03-16 16:33:00 |
| Message-ID: | 6EE64EF3AB31D5448D0007DD34EEB3412A764B@Herge.rcsinc.local |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgadmin-hackers |
> > Is there any relatively easy way to, uh, prevent your users
> > from seeing
> > some/all of your pl/pgsql code in pgAdmin? :) A by schema solution
> > would be ideal.
>
> Anything we did would be fairly pointless given that there's not much
we
> can do to stop them doing 'SELECT prosrc FROM pg_proc'. I suppose you
> could remove select permissions from the table, but I wouldn't be
I tried that. While the server allows the revoke, it does nothing.
> surprise if that broke things horribly - it certainly breaks pgAdmin
and
> pg_dump.
I also tried hacking the search path and putting a pg_proc table into
the public schema. While this fixed select * from pg_proc (but not /df),
pgAdmin still pulled the function source. Without checking, I'm
assuming pgAdmin prefixes the catalog tables in the metadata queries
(aside: should it?).
Well, I was hoping for some easy trick but apparently there isn't one.
I think this is one for -hackers.
Merlin
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dave Page | 2005-03-16 16:42:56 | Re: prevent users from seeing pl/pgsql code in pgadmin |
| Previous Message | Dave Page | 2005-03-16 16:20:24 | Re: prevent users from seeing pl/pgsql code in pgadmin |