Re: revoked permissions on table still allows users to see table's structure

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




-----Original Message-----
From: Kevin Grittner [mailto:Kevin.Grittner@xxxxxxxxxxxx] 
Sent: Friday, July 22, 2011 10:33 AM
To: Juan Cuervo (Quality Telecom); Bob Lunney
Cc: pgsql-admin@xxxxxxxxxxxxxx
Subject: Re: revoked permissions on table still allows users to see
table's structure


I don't think I've used any database where the *structure* of
database objects was hidden from someone connected to the database. 
There are typically system tables of some sort to which all
authorized users in the database have read-only access.  The
parallel I would draw in the "real world" is that the format of the
forms which are required for adoption in the Wisconsin court system
are a matter of public record -- anybody can see the blank forms. 
Getting a look at data which has been entered onto such forms is a
very different matter.
 
If you want to hide the structure of the tables from a person, you
need to deny that person authority to connect to the database.  You
can always allow such a person to connect to an application which
you are running in a trusted environment.
 
-Kevin

Not exactly.
In Oracle user needs to be granted SELECT_CATALOG_ROLE role in order to
get SELECT privileges on data dictionary views.

Regards,
Igor Neyman

-- 
Sent via pgsql-admin mailing list (pgsql-admin@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin



[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux