Thread: Disable Save results to file button
Hi
I am using PGAdmin 4.8.13 and want to make sure that users are not allowed to download or export the query results. How can I disable buttons that allow users to export or save to file.
For example: disable Save to file button
Thanks in advance
Regards
Srini Genji
> On Nov 20, 2024, at 5:06 PM, Srini Genji <srini.genji@gmail.com> wrote: > > Hi > I am using PGAdmin 4.8.13 and want to make sure that users are not allowed to download or export the query results. Howcan I disable buttons that allow users to export or save to file. > For example: disable Save to file button > Thanks in advance LOL, explain to your boss what a stupid idea this is. You have a user who has credentials to query the database, yet youwant to stop that user from using the data, in one specific application. Like the user can't connect with psql, or DBeaver,or any other of a hundred applications...
Thanks Scott,
This is coming mainly from security to avoid users downloading huge datasets containing sensitive data in to their machine
Regards
Srini Genji
On Thu, 21 Nov 2024, 11:17 am Scott Ribe, <scott_ribe@elevated-dev.com> wrote:
> On Nov 20, 2024, at 5:06 PM, Srini Genji <srini.genji@gmail.com> wrote:
>
> Hi
> I am using PGAdmin 4.8.13 and want to make sure that users are not allowed to download or export the query results. How can I disable buttons that allow users to export or save to file.
> For example: disable Save to file button
> Thanks in advance
LOL, explain to your boss what a stupid idea this is. You have a user who has credentials to query the database, yet you want to stop that user from using the data, in one specific application. Like the user can't connect with psql, or DBeaver, or any other of a hundred applications...
On Wed, Nov 20, 2024 at 7:38 PM Srini Genji <srini.genji@gmail.com> wrote:
This is coming mainly from security to avoid users downloading huge datasets containing sensitive data in to their machine
I appreciate the desire here, and it isn't unreasonable, but it is also technically nearly impossible. If you have given a person credentials, network access, and the relevant database permissions to see all of that data they will be able to make a copy of it that you do not control. While marginal improvements are possible, the cost of doing them (and available mitigations) discourages people from working on such patches in favor of other things.
If this is a security risk you need to mitigate in PostgreSQL you probably need to implement a solution where the user does not directly have credentials for the database, but asks some proxy to access the database on their behalf (e.g., a webapp) and in that proxy you institute such policies. I feel like some tools and extensions in this area likely exist, though I am not personally familiar with any of them if that is so.
Yes, ideally pgAdmin, if you can otherwise lock down their machine and prohibit any other software from being run as well as ensure their credentials only are usable on that machine (both doable propositions I daresay) would fill in the missing piece and provide a viewer-only option. Or maybe just run it on a server where the local machine isn't accessible to the user...
David J.
(p.s., this is the admin mailing list for the PostgreSQL server, not the mailing list for the third-party pgAdmin product. If you have a requirement to use pgAdmin you may wish to converse with that team in their own channels.)
On Wed, Nov 20, 2024 at 7:06 PM Srini Genji <srini.genji@gmail.com> wrote:
HiI am using PGAdmin 4.8.13 and want to make sure that users are not allowed to download or export the query results. How can I disable buttons that allow users to export or save to file.For example: disable Save to file buttonThanks in advance
pgAdmin4 is open source. Build your own custom version that has removed the relevant code.
Death to <Redacted>, and butter sauce.
Don't boil me, I'm still alive.
<Redacted> lobster!