Re: How to deny remote backups ?

From: Bruno Wolff III <bruno(at)wolff(dot)to>
To: juanmime(at)ono(dot)com
Cc: pgsql-admin(at)postgresql(dot)org
Subject: Re: How to deny remote backups ?
Date: 2005-03-04 17:45:35
Message-ID: 20050304174535.GA25380@wolff.to
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-admin

On Fri, Mar 04, 2005 at 17:33:02 +0100,
juanmime(at)ono(dot)com wrote:
>
> OK. but I think that an aproximation to the solution or a half solution could
> be deny the user consulting the system database catalog or (pg_tables). In
> that case, the user is not able to know the name of the tables inside the
> db, and therefore he does not know which are the tables to dump. I think
> also, that pg_dump could fail at this scenario.

> 1. What do you think about this ?

I don't think it is a good idea. Since you are worried about this, I am going
to guess that the users are running a client (such as psql) to do their
inserts and deletes. If so, they are going to be able to find out the
table names. If this isn't the case and everything is being done by
an application running on the server, then you should be having that
application control access.

> 2. Is it possible (deny the access to the system catalog or tables (like
> pg_tables) to a certain user ?

You will break things if you prevent people from reading the system catalogs.

In response to

Browse pgsql-admin by date

  From Date Subject
Next Message Scott Marlowe 2005-03-04 17:50:34 Re: PG shutdown itself?
Previous Message Lee Wu 2005-03-04 17:38:02 PG shutdown itself?