| From: | Christopher Kings-Lynne <chriskl(at)familyhealth(dot)com(dot)au> |
|---|---|
| To: | "Marc G(dot) Fournier" <scrappy(at)postgresql(dot)org> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Increasing security in a shared environment ... |
| Date: | 2004-03-29 04:46:58 |
| Message-ID: | 4067AA42.8070002@familyhealth.com.au |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> "The \l command should only list databases that the current user is
> authorized for, the \du command should only list users authorized for the
> current database (and perhaps only superusers should get even that much
> information), etc. Perhaps it is possible to set PG to do this, but that
> should probably be the default."
>
> This is from a PgSQL vs MySQL thread on -general ... how hard would it be
> make it so that a non-superuse user can't do a \l and see everyone's
> databases? Or, when doing a \d in a database you are able to connect to,
> it would only show those tables that you are authorized for?
Well, you can just go SELECT * FROM pg_database; so fixing \l won't do
anything.
I too would like to see more security in this respect, but it will be
difficult if not impossible to implement methinks...
Chris
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Joe Conway | 2004-03-29 05:49:16 | Re: Fuzzy cost comparison to eliminate redundant planning |
| Previous Message | Marc G. Fournier | 2004-03-29 04:28:34 | Increasing security in a shared environment ... |