| From: | Michael Fuhr <mike(at)fuhr(dot)org> |
|---|---|
| To: | pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: How to deny remote backups ? |
| Date: | 2005-03-04 17:00:57 |
| Message-ID: | 20050304170057.GA44195@winnie.fuhr.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
On Fri, Mar 04, 2005 at 05:33:02PM +0100, juanmime(at)ono(dot)com wrote:
> OK. but I think that an aproximation to the solution or a half solution could
> be deny the user consulting the system database catalog or (pg_tables). In
> that case, the user is not able to know the name of the tables inside the
> db, and therefore he does not know which are the tables to dump. I think
> also, that pg_dump could fail at this scenario.
Users presumably already know about the tables they're allowed to
SELECT from -- otherwise how would they know to query them? So in
that case, protecting the system catalogs wouldn't help. And for
the tables that users don't know about but could discover through
the system catalogs, if the users don't have SELECT privileges then
they won't be able to dump those tables anyway.
What problem are you really trying to solve? If you want to hide
the fact that certain tables exist, then maybe you could put them
in a separate database and use a mechanism involving dblink with
views and/or functions to control access to them.
--
Michael Fuhr
http://www.fuhr.org/~mfuhr/
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Lee Wu | 2005-03-04 17:38:02 | PG shutdown itself? |
| Previous Message | juanmime | 2005-03-04 16:33:02 | Re: How to deny remote backups ? |