> -----Original Message-----
> From: Merlin Moncure [mailto:merlin.moncure@rcsonline.com]
> Sent: 16 March 2005 16:54
> To: Dave Page
> Cc: pgadmin-hackers@postgresql.org
> Subject: RE: [pgadmin-hackers] prevent users from seeing
> pl/pgsql code in pgadmin
>
> > > I also tried hacking the search path and putting a pg_proc table
> into
> > > the public schema. While this fixed select * from pg_proc
> > > (but not /df),
> > > pgAdmin still pulled the function source.
> >
> > Odd - it didn't here. Every query on pg_proc resulted in a
> message box
> > telling me it couldn't select from pg_proc - protecting the source,
> but
> > breaking pgAdmin.
>
> What did you do exactly? Here's what I tried:
>
REVOKE ALL ON TABLE pg_proc FROM public;
Revoking select doesn't help because your test user doesn't have it in
the first place - public does.
pgadmin=# create user test;
CREATE USER
pgadmin=# create table foo(bar int4);
CREATE TABLE
pgadmin=# select relacl from pg_class where relname = 'foo';
relacl
--------
(1 row)
pgadmin=# grant select on table foo to test;
GRANT
pgadmin=# select relacl from pg_class where relname = 'foo';
relacl
---------------------------------------------
{postgres=arwdRxt/postgres,test=r/postgres}
(1 row)
pgadmin=# revoke select on table foo from test;
REVOKE
pgadmin=# select relacl from pg_class where relname = 'foo';
relacl
-----------------------------
{postgres=arwdRxt/postgres}
(1 row)
pgadmin=# grant select on table foo to public;
GRANT
pgadmin=# select relacl from pg_class where relname = 'foo';
relacl
-----------------------------------------
{postgres=arwdRxt/postgres,=r/postgres}
(1 row)
pgadmin=# revoke select on table foo from test;
REVOKE
pgadmin=# select relacl from pg_class where relname = 'foo';
relacl
-----------------------------------------
{postgres=arwdRxt/postgres,=r/postgres}
(1 row)
Thinking about it - is that a bug or a feature?
Regards, Dave.
