Home > mailing lists

Re: Restricting user to see schema structure - Mailing list pgsql-general

From	Adrian Klaver
Subject	Re: Restricting user to see schema structure
Date	May 12, 2022 21:44:27
Msg-id	048ab2c5-ddf6-d039-3c2a-1828d8c9137b@aklaver.com Whole thread Raw
In response to	Re: Restricting user to see schema structure (Bryn Llewellyn <bryn@yugabyte.com>)
Responses	Re: Restricting user to see schema structure
List	pgsql-general

Tree view

On 5/12/22 11:29, Bryn Llewellyn wrote:

> I've prototyped this scheme. It seems to work as designed. A client that connects with psql (or any other tool) can
listthe API functions and whatever \df and \sf show. (notice that \d will reveal nothing.)But doing this reveals only
thenames of the functions that are called (which will be identical to the jacket names—so no risk here) and the name(s)
ofthe schema(s) where they live (so a minor theoretical risk here).
 
> 
> Full disclosure: I've never done this in anger.

Try select * from pg_class or select * from pg_attribute or any of the 
other system catalogs.




-- 
Adrian Klaver
adrian.klaver@aklaver.com

pgsql-general by date:

From: Bryn Llewellyn
Date: 12 May 2022, 21:40:27
Subject: Re: Deferred constraint trigger semantics

From: "David G. Johnston"
Date: 12 May 2022, 22:14:20
Subject: Re: Restricting user to see schema structure

Re: Restricting user to see schema structure - Mailing list pgsql-general

Previous

Next