Re: Catalog Security WAS: Views, views, views: Summary

From: "Jim C(dot) Nasby" <decibel(at)decibel(dot)org>
To: Christopher Kings-Lynne <chriskl(at)familyhealth(dot)com(dot)au>, Russell Smith <mr-russ(at)pws(dot)com(dot)au>, Andrew Dunstan <andrew(at)dunslane(dot)net>, andrew(at)supernews(dot)com, pgsql-hackers(at)postgresql(dot)org
Subject: Re: Catalog Security WAS: Views, views, views: Summary
Date: 2005-05-14 14:07:52
Message-ID: 20050514140752.GC30902@decibel.org
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On Sat, May 14, 2005 at 10:00:09AM -0400, Stephen Frost wrote:
> * Jim C. Nasby (decibel(at)decibel(dot)org) wrote:
> > On Sat, May 14, 2005 at 08:55:17AM -0400, Stephen Frost wrote:
> > > * Christopher Kings-Lynne (chriskl(at)familyhealth(dot)com(dot)au) wrote:
> > > > Hackers - we get an email about information hiding in shared
> > > > postgresql/phppgadmin installations at least once a fortnight :)
> > >
> > > I agree with this- it needs to be dealt with and fixed already, once and
> > > for all.
> >
> > Given that the newsysviews all base visibility on granted permissions,
> > would they do the job for you?
>
> From what I've seen of them, yes, I believe they're exactly what I'm
> looking for. Of course, I'd really like to have them in core and have
As would I.

> client applications updated to use them (assuming they need to be
> changed, which I'm guessing they would), etc.
>
> Unfortunately it's a bit too late to change what I'm about to put into
> production to the newsysviews (not 100% sure they're entirely ready yet
> either) but I'll set them up on some of my development machines and play
> around with them some more. Here's to hopeing they're in 8.1...

Your feedback would be most welcome.
--
Jim C. Nasby, Database Consultant decibel(at)decibel(dot)org
Give your computer some brain candy! www.distributed.net Team #1828

Windows: "Where do you want to go today?"
Linux: "Where do you want to go tomorrow?"
FreeBSD: "Are you guys coming, or what?"

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message Andrew Dunstan 2005-05-14 14:22:01 Re: Server instrumentation for 8.1
Previous Message Jim C. Nasby 2005-05-14 14:00:44 Re: Server instrumentation for 8.1