| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | ivan <iv(at)psycho(dot)pl> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: perm question |
| Date: | 2003-07-16 04:27:21 |
| Message-ID: | 10938.1058329641@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
ivan <iv(at)psycho(dot)pl> writes:
> why when i revoke all on scheme pg_catalog from all (with public)
> i can make select from pg_ tables and views as ordinary user ??
Hm. pg_catalog is forcibly placed into the search path, thus bypassing
the normal check on whether you have USAGE privilege on it. I suppose
that could be claimed to be a bug ... but in point of fact, honoring
denial of USAGE on pg_catalog would mean that the system would fail to
function at all. So I cannot see any actual usefulness in doing such a
thing. You might as well just delete the user entirely as forbid him
access to pg_catalog.
> and how disallow : LISTEN , SET , RESET , and SHOW ?
Explain why we should?
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dennis Björklund | 2003-07-16 06:29:01 | FROM clause omitted |
| Previous Message | Ang Chin Han | 2003-07-16 02:55:20 | Re: Hyperthreading or not? |