I guess that just means postgresql probably shouldn't be used in a multi-tenancy situation if you need;
- complete isolation between tenants
- you still want to give tenants direct and otherwise unfettered access to the database
just a thought,
rik.
On Wed, Jul 24, 2019 at 1:15 PM Tom Lane <tgl@xxxxxxxxxxxxx> wrote:
"David G. Johnston" <david.g.johnston@xxxxxxxxx> writes:
> You can consider this email to have accomplished both. Lacking someone
> saying they they are working on it and pointing you to a patch you can
> safely operate under the assumption that this behavior isn’t going to
> change.
It isn't. We've considered complaints like this before and determined
that we're not going to do anything about it. For better or worse, the
PG catalogs are readable by any authorized user, with only narrow
exceptions (like password columns).
A sufficiently determined person could perhaps do something like creating
their own PL that stores encrypted function source text in pg_proc, and
just hands it off to an existing PL after decryption. I'm not exactly
sure where you'd keep the decryption key though.
regards, tom lane
