Re: Catalog Security WAS: Views, views, views: Summary of Arguments

From: Josh Berkus <josh(at)agliodbs(dot)com>
To: Andrew Dunstan <andrew(at)dunslane(dot)net>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: Catalog Security WAS: Views, views, views: Summary of Arguments
Date: 2005-05-13 17:42:26
Message-ID: 200505131042.26134.josh@agliodbs.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Andrew,

> It might be safer, but that doesn't hit my target at all. I am aiming at
> a zero-knowledge user, i.e. one who cannot discover anything at all
> about the db. The idea is that even if subvert can subvert a client and
> get access to the db the amount of metadata they can discover is as
> close to zero as possible.

Yeah, I can see that. I've personally had this concern about our PG
installation on the web server, and as you know about pgFoundry as well,
especially since GForge does not use good user security.

However, I see 2 seperate cases here:

1) The "ISP" case, where you want to hide all catalog information from the
users except the database owner or superuser.

2) The "Enterprise server" setting, where you want to allow catalog access
(for example, for pgAdmin) restricted to the current user permissions.

--
--Josh

Josh Berkus
Aglio Database Solutions
San Francisco

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Andrew - Supernews 2005-05-13 17:43:11 Re: Views, views, views: Summary of Arguments
Previous Message Andrew Dunstan 2005-05-13 17:34:12 Re: Views, views, views: Summary of Arguments