Quick Links

Re: How to control pg_catalog results for each users?

From:	Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at>
To:	hirose shigeo(廣瀬繁雄 □SWC○ACT) <shigeo(dot)hirose(at)toshiba(dot)co(dot)jp>, pgsql-general(at)lists(dot)postgresql(dot)org
Subject:	Re: How to control pg_catalog results for each users?
Date:	2023-01-30 08:41:53
Message-ID:	564d8a38d11cee5f490cc0a40baf322fc884ed8a.camel@cybertec.at
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-general

On Mon, 2023-01-30 at 14:00 +0900, hirose shigeo(廣瀬繁雄 □SWC○ACT) wrote:
> all users can get the all of table name , table structure and other
> information from pg_catalog, which is considered a security problem.

The belief that restricting that will improve security goes by the name
of "security by obscurity", which is usually not considered robust.

Yours,
Laurenz Albe

In response to

How to control pg_catalog results for each users? at 2023-01-30 05:00:43 from hirose shigeo (廣瀬繁雄 □SWC○ACT)

Responses

Re: How to control pg_catalog results for each users? at 2023-01-30 13:18:35 from Ron

Browse pgsql-general by date

	From	Date	Subject
Next Message	Venkata B Nagothi	2023-01-30 08:53:30	Question on Logical Replication
Previous Message	Tom Lane	2023-01-30 05:48:51	Re: How to control pg_catalog results for each users?