| From: | Richard Huxton <dev(at)archonet(dot)com> |
|---|---|
| To: | jeff sacksteder <jsacksteder(at)gmail(dot)com> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: security documentation |
| Date: | 2005-09-30 07:07:38 |
| Message-ID: | 433CE43A.6040306@archonet.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
jeff sacksteder wrote:
> The security documentation available in the official documentation is rather
> sparse. Is there a more detailed document I should be aware of?
No.
> As an example, I'd like to prevent a a user from being able to get a list of
> existing databases. Presumably, I can limit access to various system
> catalogs to prevent this sort of thing, but if existing documentation exists
> it might prevent me from shooting myself in the foot too badly.
Limiting access to the system catalogues is not simple. I do recall
someone who was trying - might be worth checking the mailing list archives.
Are there any data access issues (as opposed to data visibility issues)
you are having?
--
Richard Huxton
Archonet Ltd
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Gábor Farkas | 2005-09-30 07:34:31 | to drop a 30GB database. is it slow? |
| Previous Message | Richard Huxton | 2005-09-30 07:04:36 | Re: Many-To-Many Bridge Table Index |