Thread: Visibility of objects in other schema's

Visibility of objects in other schema's

From
Fred Vos
Date:
Hello,

Since version 7.3 of PostgreSQL it's possible to create schema's. The
User's Guide (paragraph 2.8.4) says that it is not possible to view
objects from a schema you do not own:

"By default, users cannot see the objects in schemas they do not own."

I'm using PostgreSQL 7.3.4 under Linux. As the administrator I created
two schema's for two users:

create schema vosf authorization vosf;
create schema snefru authorization snefru;

If I logon to the database with psql as user vosf and create a table, it
is created under schema vosf. That's good. If I logon to the same
database with psql as user snefru and issue:

\d vosf.*

I can see all tables within the vosf schema. Paragraph 2.8.4 says I
should not. I cannot do selects from these tables, but I think seeing
what tables a user has created and which columns these have is wrong. I
want to use a single database on a single server, but this visibility
issue keeps me using multiple databases. Is it considered a problem? If
so, is it a known problem? Not subscribed anymore to any PostgreSQL
list, I searched the archives, but did not find a similar question.

Thanks for any help. PostgreSQL is a great database.

Fred







Re: Visibility of objects in other schema's

From
Tom Lane
Date:
Fred Vos <fred.vos@uvt.nl> writes:
> Since version 7.3 of PostgreSQL it's possible to create schema's. The
> User's Guide (paragraph 2.8.4) says that it is not possible to view
> objects from a schema you do not own:

> "By default, users cannot see the objects in schemas they do not own."

Poor choice of verb, I think ... it should say "cannot access the objects".

> Is it considered a problem?

No, it isn't.  The \d commands rely only on being able to read the
system catalogs, which is a facility we do not intend to eliminate.

            regards, tom lane