Re: Prevent users from executing pg_dump against tables
| От | Ron Johnson |
|---|---|
| Тема | Re: Prevent users from executing pg_dump against tables |
| Дата | |
| Msg-id | CANzqJaC8eCBMttR9AEREi8E9ZXtGLoRQEfyDo0fGOJRKDwWU+g@mail.gmail.com обсуждение исходный текст |
| Ответ на | Prevent users from executing pg_dump against tables (RAJAMOHAN <garajamohan@gmail.com>) |
| Список | pgsql-general |
On Thu, May 2, 2024 at 1:47 AM RAJAMOHAN <garajamohan@gmail.com> wrote:
Hello all,In our production db infrastructure, we have one read_only role which has read privileges against all tables in schema A.We are planning to grant this role to some developers for viewing the data, but also I want to limit the users from executing statements like copy or using pg_dump. Main reason being I don't want the data to be copied from the database to their local machines.I tried by implementing triggers, but was not able to figure out a way to restrict the pg_dump and allow only select statements.
If you can query a table, then you can save the query contents to your local context. That's a fundamental law of nature, since you gave them read privs.
For example:
psql --host=SomeEC2Node $DB -Xc "SELECT * FROM read_only_table;" > read_only_table.txt
That even works on Windows.
В списке pgsql-general по дате отправления: