| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | "Jim C(dot) Nasby" <decibel(at)decibel(dot)org> |
| Cc: | Christopher Kings-Lynne <chriskl(at)familyhealth(dot)com(dot)au>, Russell Smith <mr-russ(at)pws(dot)com(dot)au>, Andrew Dunstan <andrew(at)dunslane(dot)net>, andrew(at)supernews(dot)com, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Catalog Security WAS: Views, views, views: Summary |
| Date: | 2005-05-14 14:00:09 |
| Message-ID: | 20050514140009.GF30011@ns.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
* Jim C. Nasby (decibel(at)decibel(dot)org) wrote:
> On Sat, May 14, 2005 at 08:55:17AM -0400, Stephen Frost wrote:
> > * Christopher Kings-Lynne (chriskl(at)familyhealth(dot)com(dot)au) wrote:
> > > Hackers - we get an email about information hiding in shared
> > > postgresql/phppgadmin installations at least once a fortnight :)
> >
> > I agree with this- it needs to be dealt with and fixed already, once and
> > for all.
>
> Given that the newsysviews all base visibility on granted permissions,
> would they do the job for you?
From what I've seen of them, yes, I believe they're exactly what I'm
looking for. Of course, I'd really like to have them in core and have
client applications updated to use them (assuming they need to be
changed, which I'm guessing they would), etc.
Unfortunately it's a bit too late to change what I'm about to put into
production to the newsysviews (not 100% sure they're entirely ready yet
either) but I'll set them up on some of my development machines and play
around with them some more. Here's to hopeing they're in 8.1...
Thanks,
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jim C. Nasby | 2005-05-14 14:00:44 | Re: Server instrumentation for 8.1 |
| Previous Message | Jim C. Nasby | 2005-05-14 13:50:09 | Re: Catalog Security WAS: Views, views, views: Summary |