Re: Catalog Security WAS: Views, views, views: Summary
| From | Christopher Kings-Lynne |
|---|---|
| Subject | Re: Catalog Security WAS: Views, views, views: Summary |
| Date | |
| Msg-id | 4285C0FB.6090604@familyhealth.com.au |
| In reply to | Re: Catalog Security WAS: Views, views, views: Summary (Stephen Frost <sfrost@snowman.net>) |
| Responses | Re: Catalog Security WAS: Views, views, views: Summary |
| List | pgsql-hackers |
>> Tom mentioned that he had not had these security concerns raised before. From
>> my point of view I just have no idea about the level of information offered
>> to any given user and am scared to run PostgreSQL in an ISP shared
>> environment because of it. I am sure I can secure people from connecting to
>> a db by refusing them access in pg_hba.conf. But I'm unsure of exactly what
>> that buys me, and what it doesn't.
>
> It's certainly also a concern of mine that any given user can see every
> table in the database. I see that as a definite problem and just
> assumed it was already on the radar and something that was planned to be
> fixed. It astounds me that the claim is that such security is
> impossible.
>
> It bothers me a great deal that I can't control very easily what a given
> user can see when they connect over ODBC or via phppgadmin in terms of
> schemas, tables and columns. I fixed this in application code in
> phppgadmin but that's clearly insufficient since it doesn't do anything
> for the other access methods.

Modifying phpPgAdmin is useless - people can query the catalogs manually.

Hackers - we get an email about information hiding in shared postgresql/phppgadmin installations at least once a fortnight :)

Chris