Re: revoked permissions on table still allows users to see table's structure
| От | Igor Neyman |
|---|---|
| Тема | Re: revoked permissions on table still allows users to see table's structure |
| Дата | |
| Msg-id | F4C27E77F7A33E4CA98C19A9DC6722A207D3866D@EXCHANGE.corp.perceptron.com обсуждение исходный текст |
| Ответ на | Re: revoked permissions on table still allows users to see table's structure ("Kevin Grittner" <Kevin.Grittner@wicourts.gov>) |
| Список | pgsql-admin |
-----Original Message----- From: Kevin Grittner [mailto:Kevin.Grittner@wicourts.gov] Sent: Friday, July 22, 2011 10:33 AM To: Juan Cuervo (Quality Telecom); Bob Lunney Cc: pgsql-admin@postgresql.org Subject: Re: revoked permissions on table still allows users to see table's structure I don't think I've used any database where the *structure* of database objects was hidden from someone connected to the database. There are typically system tables of some sort to which all authorized users in the database have read-only access. The parallel I would draw in the "real world" is that the format of the forms which are required for adoption in the Wisconsin court system are a matter of public record -- anybody can see the blank forms. Getting a look at data which has been entered onto such forms is a very different matter. If you want to hide the structure of the tables from a person, you need to deny that person authority to connect to the database. You can always allow such a person to connect to an application which you are running in a trusted environment. -Kevin Not exactly. In Oracle user needs to be granted SELECT_CATALOG_ROLE role in order to get SELECT privileges on data dictionary views. Regards, Igor Neyman
В списке pgsql-admin по дате отправления: