Quick Links

Re: Another user complaint regarding visibility of pg_catalog data

From:	"David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com>
To:	Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at>
Cc:	PostgreSQL Documentation <pgsql-docs(at)lists(dot)postgresql(dot)org>
Subject:	Re: Another user complaint regarding visibility of pg_catalog data
Date:	2023-11-08 12:31:39
Message-ID:	CAKFQuwYdv1ALxZhS4fy+QTfJ3zp9e7fBk2VfV8YTeOyPEAQCnA@mail.gmail.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-docs

On Wednesday, November 8, 2023, Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at>
wrote:

>
>
> When people ask my "why?", I tend to answer "why not?". It is not a
> security
> problem, in my opinion. Every user is allowed to know that I have a table
> "purchase" with a column "credit_card_nr". As long as the permissions are
> set
> correctly, that is no problem. Any attempt to hide that information is at
> best
> "security by obscurity".
>

The typical answer is some variant of trade secrets. Though wanting to
store private info in a comment has some merit too.

David J.

In response to

Re: Another user complaint regarding visibility of pg_catalog data at 2023-11-08 11:58:58 from Laurenz Albe

Responses

Re: Another user complaint regarding visibility of pg_catalog data at 2023-11-08 14:04:31 from Laurenz Albe

Browse pgsql-docs by date

	From	Date	Subject
Next Message	David G. Johnston	2023-11-08 13:34:38	Re: CREATE SUBSCRIPTION issue
Previous Message	PG Doc comments form	2023-11-08 12:26:12	CREATE SUBSCRIPTION issue