Re: system catalog permissions

On 02/26/2018 03:47 PM, Tom Lane wrote:
> PropAAS DBA <dba@propaas.com> writes:
>> We have a client which is segmenting their multi-tenant cluster
>> (PostgreSQL 9.6) by schema, however if one of their clients connects via
>> pgadmin they see ALL schemas, even the ones they don't have access to
>> read.
> PG generally doesn't assume that anything in the system catalogs is
> sensitive.  If you don't want user A looking at user B's catalog
> entries, give them separate databases, not just separate schemas.

I'm sure this is what you meant, but you need to give them separate 
*clusters*, right? Even with separate databases you can still get a list 
of the other databases and other roles in the cluster. I would actually 
love to be mistaken but when I looked at it a year or two ago I couldn't 
find a way to lock that down (without breaking a lot of tools anyway).

Thanks!

-- 
Paul              ~{:-)
pj@illuminatedcomputing.com