Re: Catalog Security WAS: Views, views, views: Summary

On Sat, May 14, 2005 at 10:00:09AM -0400, Stephen Frost wrote:
> * Jim C. Nasby (decibel(at)decibel(dot)org) wrote:
> > On Sat, May 14, 2005 at 08:55:17AM -0400, Stephen Frost wrote:
> > > * Christopher Kings-Lynne (chriskl(at)familyhealth(dot)com(dot)au) wrote:
> > > > Hackers - we get an email about information hiding in shared
> > > > postgresql/phppgadmin installations at least once a fortnight :)
> > >
> > > I agree with this- it needs to be dealt with and fixed already, once and
> > > for all.
> >
> > Given that the newsysviews all base visibility on granted permissions,
> > would they do the job for you?
>
> From what I've seen of them, yes, I believe they're exactly what I'm
> looking for. Of course, I'd really like to have them in core and have
As would I.

> client applications updated to use them (assuming they need to be
> changed, which I'm guessing they would), etc.
>
> Unfortunately it's a bit too late to change what I'm about to put into
> production to the newsysviews (not 100% sure they're entirely ready yet
> either) but I'll set them up on some of my development machines and play
> around with them some more. Here's to hopeing they're in 8.1...

Your feedback would be most welcome.
--
Jim C. Nasby, Database Consultant decibel(at)decibel(dot)org
Give your computer some brain candy! www.distributed.net Team #1828

Windows: "Where do you want to go today?"
Linux: "Where do you want to go tomorrow?"
FreeBSD: "Are you guys coming, or what?"