Re: How to hide stored procedure's bodies from specific user

Thanks for your help

I want to restrict some postgres users as much as possible and allow them
to execute a few my own stored procedures only.

If I block access using:

REVOKE ALL ON pg_catalog.pg_proc FROM PUBLIC;
REVOKE ALL ON FUNCTION pg_catalog.pg_get_functiondef(oid) FROM PUBLIC;

the user will fail to select procedure's body from pg_catalog.pg_proc and
using psql \sf of \ef.
Is this method correct?

2015-02-12 11:53 GMT+03:00 Saimon Lim <aimon(dot)slim(at)gmail(dot)com>:

> For clarification - I run the commands using psql program.
>
> 2015-02-11 12:54 GMT+03:00 Saimon Lim <aimon(dot)slim(at)gmail(dot)com>:
>
>> Hi
>> I want to hide my own stored procedures' bodies from the specific user.
>> As far as I know, procedure's body is visible in the pg_catalog.pg_proc
>> table.
>>
>> So, I did the following:
>> REVOKE ALL ON pg_catalog.pg_proc FROM PUBLIC;
>>
>> And after it, when user tries:
>> SELECT * from pg_proc;
>>
>> The following error occurs:
>> ERROR: permission denied for relation pg_proc
>>
>> It turns out that user don't have access to the body of the procedure.
>> But I still can get stored procedure's body using
>> \sf function_name
>> or with
>> \ef function_name
>>
>> So, how can I completely hide my own stored procedure's bodies from this
>> user?
>>
>> Thanks in advance
>> Saimon
>>
>
>