| From: | Andreas Joseph Krogh <andreas(at)visena(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at>, pgsql-general(at)lists(dot)postgresql(dot)org |
| Subject: | Re: prevent users from SELECT-ing from pg_roles/pg_database |
| Date: | 2024-05-28 06:07:38 |
| Message-ID: | VisenaEmail.88.6cc49db915a0e43f.18fbdcf4e42@origo-test01.app.internal.visena.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
På tirsdag 28. mai 2024 kl. 01:48:17, skrev Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us
<mailto:tgl(at)sss(dot)pgh(dot)pa(dot)us>>:
Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at> writes:
> On Mon, 2024-05-27 at 09:33 +0200, Andreas Joseph Krogh wrote:
>> I tried:
>> REVOKE SELECT ON pg_catalog.pg_database FROM public;
>> But that doesn't prevent a normal user from querying pg_database it seems…
> It works here.
Works for me too, although you'd have to do it over in each
database where you want it to be effective. (Although
pg_database is a shared catalog, the metadata about it
is not shared.)
regards, tom lane
Ah, that's what I was missing. Thanks for pointing that out, it's working as
expected now.
--
Andreas Joseph Krogh
CTO / Partner - Visena AS
Mobile: +47 909 56 963
andreas(at)visena(dot)com <mailto:andreas(at)visena(dot)com>
www.visena.com <https://www.visena.com>
<https://www.visena.com>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alexander Staubo | 2024-05-28 08:00:22 | Use of inefficient index in the presence of dead tuples |
| Previous Message | Tom Lane | 2024-05-27 23:48:17 | Re: prevent users from SELECT-ing from pg_roles/pg_database |