From: | richard coleman <rcoleman(dot)ascentgl(at)gmail(dot)com> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com>, Swanand Kshirsagar <swanandon(at)gmail(dot)com>, "pgsql-admin(at)lists(dot)postgresql(dot)org" <pgsql-admin(at)lists(dot)postgresql(dot)org> |
Subject: | Re: Restrict permissions on schema to hide pl/pgsql code |
Date: | 2019-07-24 17:44:50 |
Message-ID: | CAGA3vBuMYQfN7oGb9uH4mU-jb-N10=oh1S6VTJuMOb_HPz3mFQ@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-admin |
I guess that just means postgresql *probably* shouldn't be used in a
multi-tenancy situation if you need;
- complete isolation between tenants
- you still want to give tenants direct and otherwise unfettered access
to the database
just a thought,
rik.
On Wed, Jul 24, 2019 at 1:15 PM Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> "David G. Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> writes:
> > You can consider this email to have accomplished both. Lacking someone
> > saying they they are working on it and pointing you to a patch you can
> > safely operate under the assumption that this behavior isn’t going to
> > change.
>
> It isn't. We've considered complaints like this before and determined
> that we're not going to do anything about it. For better or worse, the
> PG catalogs are readable by any authorized user, with only narrow
> exceptions (like password columns).
>
> A sufficiently determined person could perhaps do something like creating
> their own PL that stores encrypted function source text in pg_proc, and
> just hands it off to an existing PL after decryption. I'm not exactly
> sure where you'd keep the decryption key though.
>
> regards, tom lane
>
>
>
From | Date | Subject | |
---|---|---|---|
Next Message | Thomas Kellerer | 2019-07-24 18:59:35 | Re: Restrict permissions on schema to hide pl/pgsql code |
Previous Message | Tom Lane | 2019-07-24 17:15:39 | Re: Restrict permissions on schema to hide pl/pgsql code |