Re: How to deny remote backups ?
| От | Michael Fuhr |
|---|---|
| Тема | Re: How to deny remote backups ? |
| Дата | |
| Msg-id | 20050304170057.GA44195@winnie.fuhr.org обсуждение исходный текст |
| Ответ на | Re: How to deny remote backups ? (juanmime@ono.com) |
| Список | pgsql-admin |
On Fri, Mar 04, 2005 at 05:33:02PM +0100, juanmime@ono.com wrote: > OK. but I think that an aproximation to the solution or a half solution could > be deny the user consulting the system database catalog or (pg_tables). In > that case, the user is not able to know the name of the tables inside the > db, and therefore he does not know which are the tables to dump. I think > also, that pg_dump could fail at this scenario. Users presumably already know about the tables they're allowed to SELECT from -- otherwise how would they know to query them? So in that case, protecting the system catalogs wouldn't help. And for the tables that users don't know about but could discover through the system catalogs, if the users don't have SELECT privileges then they won't be able to dump those tables anyway. What problem are you really trying to solve? If you want to hide the fact that certain tables exist, then maybe you could put them in a separate database and use a mechanism involving dblink with views and/or functions to control access to them. -- Michael Fuhr http://www.fuhr.org/~mfuhr/
В списке pgsql-admin по дате отправления: