Re: How to deny remote backups ? - Mailing list pgsql-admin

From Bruno Wolff III
Subject Re: How to deny remote backups ?
Date
Msg-id 20050304174535.GA25380@wolff.to
Whole thread Raw
In response to Re: How to deny remote backups ?  (juanmime@ono.com)
List pgsql-admin
On Fri, Mar 04, 2005 at 17:33:02 +0100,
  juanmime@ono.com wrote:
>
> OK. but I think that an aproximation to the solution or a half solution could
> be deny the user consulting the system database catalog or (pg_tables). In
> that case,  the user is not able to know the name of the tables inside the
> db, and therefore he does not know which are the tables to dump. I think
> also, that pg_dump could fail at this scenario.


> 1. What do you think about this ?

I don't think it is a good idea. Since you are worried about this, I am going
to guess that the users are running a client (such as psql) to do their
inserts and deletes. If so, they are going to be able to find out the
table names. If this isn't the case and everything is being done by
an application running on the server, then you should be having that
application control access.

> 2. Is it possible (deny the access to the system catalog or tables (like
> pg_tables) to a certain user ?

You will break things if you prevent people from reading the system catalogs.

pgsql-admin by date:

Previous
From: Michael Fuhr
Date:
Subject: Re: How to deny remote backups ?
Next
From: "Lee Wu"
Date:
Subject: PG shutdown itself?