| From: | "Dave Page" <dpage(at)vale-housing(dot)co(dot)uk> |
|---|---|
| To: | <euler(at)ufgnet(dot)ufg(dot)br> |
| Cc: | <chriskl(at)familyhealth(dot)com(dot)au>, <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Increasing security in a shared environment ... |
| Date: | 2004-03-29 18:11:13 |
| Message-ID: | 50000.80.177.99.193.1080583873.squirrel@ssl.vale-housing.co.uk |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
It's rumoured that Euler Taveira de Oliveira once said:
> Hi Christopher,
>
>> > "The \l command should only list databases that the current user is
>> > authorized for, the \du command should only list users authorized
>> > for the current database (and perhaps only superusers should get
>> > even that much information), etc. Perhaps it is possible to set PG
>> > to do this, but that should probably be the default."
>> >
> Seem reasonable. Why not prevent normal users to dig on the pg_catalog?
> What is the impact of it?
Because they can't use tools like pgAdmin or phpPgAdmin unless they can at
least read all the catalogs.
Regards, Dave
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2004-03-29 18:16:25 | Re: Increasing security in a shared environment ... |
| Previous Message | Marc G. Fournier | 2004-03-29 17:20:59 | Re: Increasing security in a shared environment ... |