Re: Views, views, views: Summary of Arguments
| От | Andrew Dunstan |
|---|---|
| Тема | Re: Views, views, views: Summary of Arguments |
| Дата | |
| Msg-id | 4284C135.4080507@dunslane.net обсуждение исходный текст |
| Ответ на | Re: Views, views, views: Summary of Arguments (Tom Lane <tgl@sss.pgh.pa.us>) |
| Список | pgsql-hackers |
Tom Lane wrote: >"Merlin Moncure" <merlin.moncure@rcsonline.com> writes: > > >>However, I think PostgreSQL has a fairly serious security problem in >>that the system catalogs are open to the public. I don't seem to be >>winning many supporters on this particular point though. >> >> > >No, you're not, and it's not like we've never heard this argument >before. > >Just upthread there were several complaints about the information_schema >being too restrictive to be useful --- I think we'd get a whole lot more >of that if we tried to prevent direct examination of the catalogs. > > > > There is a case for a facility to "harden" postgres. My experiments some time ago show you can pretty much hide everything without breaking anything badly if you're careful. I have it on my personal TODO list to complete a hardening script - although I have no idea when I'll get to it. cheers andrew
В списке pgsql-hackers по дате отправления: