Re: Views, views, views! (long)

From: "Merlin Moncure" <merlin(dot)moncure(at)rcsonline(dot)com>
To: "Peter Eisentraut" <peter_e(at)gmx(dot)net>
Cc: "PostgreSQL-development" <pgsql-hackers(at)postgresql(dot)org>, "Josh Berkus" <josh(at)agliodbs(dot)com>
Subject: Re: Views, views, views! (long)
Date: 2005-05-10 15:21:41
Message-ID: 6EE64EF3AB31D5448D0007DD34EEB3415C27E9@Herge.rcsinc.local
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

> Am Freitag, 6. Mai 2005 12:20 schrieb Andreas Pflug:
> > > and the information_schema is next to useless for these things
since
> > > it doesn't have PostgreSQL specific things in it.
> >
> > And the restriction to current user owned objects reduces usability
to
> > zero.
>
> The information schema restricts the views to the objects to which you
> have
> some access right, which doesn't seem all that useless.

Not useless at all, I couldn't' agree with you more. In fact, there is a
good security argument to be made here as well. In the current state of
things, a user with no rights at all can see the entire database schema
including all the source code to the stored procedures. There are means
to circumvent this but they are very coarse and can cause unexpected
problems.

I think the information_schema approach to system metadata is ultimately
the correct one...but I also agree with Josh in that the various client
tools such as pgadmin and perhaps even pg_dump should be transitioned to
using views. After that the true system columns will no longer need
public access and everything becomes very elegant. To me, this is a
much finer grained security model and nobody complains about extra
security features.

Merlin

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Magnus Hagander 2005-05-10 15:26:00 Re: Case insensitive usernames
Previous Message Dave Held 2005-05-10 15:08:23 Re: Oracle Style packages on postgres