Tom Lane wrote:
>"Merlin Moncure" <merlin.moncure@rcsonline.com> writes:
>
>
>>However, I think PostgreSQL has a fairly serious security problem in
>>that the system catalogs are open to the public. I don't seem to be
>>winning many supporters on this particular point though.
>>
>>
>
>No, you're not, and it's not like we've never heard this argument
>before.
>
>Just upthread there were several complaints about the information_schema
>being too restrictive to be useful --- I think we'd get a whole lot more
>of that if we tried to prevent direct examination of the catalogs.
>
>
>
>
There is a case for a facility to "harden" postgres. My experiments some
time ago show you can pretty much hide everything without breaking
anything badly if you're careful. I have it on my personal TODO list to
complete a hardening script - although I have no idea when I'll get to it.
cheers
andrew
