Thread: REVOKE ALL ON SCHEMA pg_catalog FROM PUBLIC

REVOKE ALL ON SCHEMA pg_catalog FROM PUBLIC

From

Michal Seidl

Date:

11 November 2010, 23:34:25

Hello,
I would like to set up database as private as much as possible. The
basic problem is that default access for 'PUBLIC' allows any user to get
information about other existing databases, users, schemas, tables etc.

I think of something like
REVOKE ALL ON SCHEMA pg_catalog FROM PUBLIC
REVOKE ALL ON SCHEMA information_schema FROM PUBLIC

but I am not sure about consequences and I did not find any useful
information in manual.

Thanks Michal

Re: REVOKE ALL ON SCHEMA pg_catalog FROM PUBLIC

From

"Joshua D. Drake"

Date:

12 November 2010, 00:39:03

On Fri, 2010-11-12 at 01:34 +0100, Michal Seidl wrote:
> Hello,
> I would like to set up database as private as much as possible. The
> basic problem is that default access for 'PUBLIC' allows any user to get
> information about other existing databases, users, schemas, tables etc.
>
> I think of something like
> REVOKE ALL ON SCHEMA pg_catalog FROM PUBLIC
> REVOKE ALL ON SCHEMA information_schema FROM PUBLIC
>
> but I am not sure about consequences and I did not find any useful
> information in manual.

That's cause its a bad idea. Try it :D


Joshua D. Drake

>
> Thanks Michal
>

--
PostgreSQL.org Major Contributor
Command Prompt, Inc: http://www.commandprompt.com/ - 509.416.6579
Consulting, Training, Support, Custom Development, Engineering
http://twitter.com/cmdpromptinc | http://identi.ca/commandprompt