Re: Updates of SE-PostgreSQL 8.4devel patches

Andrew Sullivan wrote:
> On Fri, Oct 10, 2008 at 01:09:48PM +0900, KaiGai Kohei wrote:
> 
> >> 4.  Metadata-level access controls.  None of the proposals so far seem
> >> to provide a complete set of access controls for the system details --
> >> schemas, databases, &c.  Such controls are often requested, so I
> >> wonder about that.
> >
> > We are already have GRANT/REVOKE on databases, schemaes and so on
> > as a core facility. This optional facility does not need to provide
> > it again.
> 
> I think I wasn't clear enough.  One of the requests we hear all the
> time -- indeed, somone just posted an RFQ looking for coders for it --
> is a request to prevent users who haven't any permission on a database
> to learn anything about it at all.  In a shared hosting environment,
> for instance, the idea is that two customers can have databases in the
> same back end, and not be able to learn anything about one another
> _including that they are there_.  I am pretty sure I first heard
> someone wishing for something like that when was using PostgreSQL
> 6.something, so it's a long-standing irritant.

I think we could use row-level access control to prevent people from
seeing databases they should not see in pg_database.

--  Bruce Momjian  <bruce@momjian.us>        http://momjian.us EnterpriseDB
http://enterprisedb.com
 + If your life is a hard drive, Christ can be your backup. +