Re: Increasing security in a shared environment ...

On Mon, 29 Mar 2004, Dave Page wrote:

> It's rumoured that Euler Taveira de Oliveira once said:
> > Hi Christopher,
> >
> >> > "The \l command should only list databases that the current user is
> >> > authorized for, the \du command should only list users authorized
> >> > for the current database (and perhaps only superusers should get
> >> > even that much information), etc.  Perhaps it is possible to set PG
> >> > to do this, but that should probably be the default."
> >> >
> > Seem reasonable. Why not prevent normal users to dig on the pg_catalog?
> > What is the impact of it?
>
> Because they can't use tools like pgAdmin or phpPgAdmin unless they can at
> least read all the catalogs.

k, but what I'm suggesting shouldn't prevent that, should it?  They should
only be able to see those resources that they have permissions to see, not
all of them ... no?

----
Marc G. Fournier           Hub.Org Networking Services (http://www.hub.org)
Email: scrappy@hub.org           Yahoo!: yscrappy              ICQ: 7615664