| From: | Swanand Kshirsagar <swanandon(at)gmail(dot)com> |
|---|---|
| To: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
| Cc: | "pgsql-admin(at)lists(dot)postgresql(dot)org" <pgsql-admin(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Restrict permissions on schema to hide pl/pgsql code |
| Date: | 2019-07-24 16:47:08 |
| Message-ID: | CAMn6ZASyECgGPn1TtPnimgBXjFY--=Ay7SYFouvVG4PV3NSrJQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
Yes, that's the reason why I tried revoking permissions from
pg_catalog.pg_proc table.
What's the right way to notify this OR check if there is any plan in
roadmap?
On Wed, Jul 24, 2019 at 6:58 PM David G. Johnston <
david(dot)g(dot)johnston(at)gmail(dot)com> wrote:
> On Wednesday, July 24, 2019, Swanand Kshirsagar <swanandon(at)gmail(dot)com>
> wrote:
>>
>> Isn't revoking permissions from a schema should take care of this
>> situation?
>>
>
> The pl/pgsql function body is stored in pg_catalog which the user still
> has permission to read. There isn’t a good/supported way to work around
> this behavior.
>
> David J.
>
>
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David G. Johnston | 2019-07-24 17:08:11 | Re: Restrict permissions on schema to hide pl/pgsql code |
| Previous Message | Peter Eisentraut | 2019-07-24 13:35:04 | Re: pg_locks relation cant be found in pg_class |