Home > mailing lists

Re: Restrict permissions on schema to hide pl/pgsql code - Mailing list pgsql-admin

From	Swanand Kshirsagar
Subject	Re: Restrict permissions on schema to hide pl/pgsql code
Date	July 24, 2019 19:47:08
Msg-id	CAMn6ZASyECgGPn1TtPnimgBXjFY--=Ay7SYFouvVG4PV3NSrJQ@mail.gmail.com Whole thread Raw
In response to	Re: Restrict permissions on schema to hide pl/pgsql code ("David G. Johnston" <david.g.johnston@gmail.com>)
Responses	Re: Restrict permissions on schema to hide pl/pgsql code ("David G. Johnston" <david.g.johnston@gmail.com>)
List	pgsql-admin

Tree view

Yes, that's the reason why I tried revoking permissions from pg_catalog.pg_proc table.

What's the right way to notify this OR check if there is any plan in roadmap?

On Wed, Jul 24, 2019 at 6:58 PM David G. Johnston <david.g.johnston@gmail.com> wrote:

On Wednesday, July 24, 2019, Swanand Kshirsagar <swanandon@gmail.com> wrote:
Isn't revoking permissions from a schema should take care of this situation?

The pl/pgsql function body is stored in pg_catalog which the user still has permission to read. There isn’t a good/supported way to work around this behavior.

David J.

pgsql-admin by date:

From: Peter Eisentraut
Date: 24 July 2019, 16:35:04
Subject: Re: pg_locks relation cant be found in pg_class

From: "David G. Johnston"
Date: 24 July 2019, 20:08:11
Subject: Re: Restrict permissions on schema to hide pl/pgsql code

Re: Restrict permissions on schema to hide pl/pgsql code - Mailing list pgsql-admin

Previous

Next