Re: Effects of REVOKE SELECT ON ALL TABLES IN SCHEMA pg_catalog FROM PUBLIC

På torsdag 12. september 2024 kl. 16:10:26, skrev Christophe Pettus <
xof(at)thebuild(dot)com <mailto:xof(at)thebuild(dot)com>>:

> On Sep 12, 2024, at 06:58, Greg Sabino Mullane <htamfids(at)gmail(dot)com> wrote:
>
> But if it works for you, go ahead. As Tom said, it will work 95% of the
time. But it will break things that should work, and it will not prevent the
ability to get the information in other ways. To be clear, we never recommend
messing with the system catalogs, and this falls under the umbrella of messing
with the system catalogs.

I can only echo that if the compliance people are taking a position that "you
need to make an unsupported, ad-hoc modification to the database software's
authentication system in order to meet this requirement," then the requirement
is one that you should run, not walk, to get a waiver to, as that's a very
unreasonable position for them to take.

We're probably going down the postgres_fdw route, that seems to do the job.

--
Andreas Joseph Krogh
CTO / Partner - Visena AS
Mobile: +47 909 56 963
andreas(at)visena(dot)com <mailto:andreas(at)visena(dot)com>
www.visena.com <https://www.visena.com>
<https://www.visena.com>