Security Question
Hi all..
Is there any way to prevent a regular user (not super, no createdb)
from being able to select from pg_user and pg_database to get a list of
databases, users and table schemas on the machine? I know they can't
actually select from the data tables but seeing the schema in some
cases is risk enough..
Thanks!
-Mitch
Mitch <postgresql@karboneye.com> writes:
Is there any way to prevent a regular user (not super, no createdb)
from being able to select from pg_user and pg_database to get a list of
databases, users and table schemas on the machine?
Well, you could alter the permissions on the system catalogs, but
I suspect you'll find you do not like the side-effects. A lot of stuff
is likely to break if it can't see the catalogs.
regards, tom lane