| From: | Joe Conway <mail(at)joeconway(dot)com> |
|---|---|
| To: | Alan Droege <adroege(at)perfectpractice(dot)com>, pgsql-general(at)postgresql(dot)org, adroege(at)adclegal(dot)com |
| Subject: | Re: RLS on catalog tables would be helpful |
| Date: | 2016-03-02 19:37:42 |
| Message-ID: | 56D74106.7080709@joeconway.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 03/02/2016 11:29 AM, Alan Droege wrote:
> I have removed SELECT rights from the pg_proc.prosrc column so that
> I can hide the source code of stored functions. This is working OK,
> however I would really like to just hide certain functions via RLS.
> I understand that great damage could be done to the system catalog by
> allowing users to mess with them, however RLS seems to be a great
> idea in this case.
>
> Has this been thought about? Any plans to change in the future?
It has been discussed at some length and there is a specific
implementation patch that has been proposed. See:
It would be good for you to add your thoughts on your use case and
specific functionality you would require to that thread.
Joe
--
Crunchy Data - http://crunchydata.com
PostgreSQL Support for Secure Enterprises
Consulting, Training, & Open Source Development
| From | Date | Subject | |
|---|---|---|---|
| Next Message | drum.lucas@gmail.com | 2016-03-02 19:51:20 | Re: Export binary data - PostgreSQL 9.2 |
| Previous Message | Alan Droege | 2016-03-02 19:29:15 | RLS on catalog tables would be helpful |