Greetings, * Laurenz Albe (laurenz.albe@xxxxxxxxxxx) wrote: > On Fri, 2020-09-11 at 15:13 -0600, Henry Francisco Garcia Cortez wrote: > > how to restrict a user from seeing a schema in postgresql > > It is easy to restrict access, but not really possible to keep a user > from seeing the metadata. We consider that a good thing. I don't see why that is or should be the case. If there's no reason or need for someone to have access to that metadata, then they shouldn't have access to it. There was some work to implement RLS on the catalog tables at one point but unfortunately that's not likely to actually be a good solution since so much access to the catalog doesn't go through the exectuor, but the general idea of limiting access to that information is a good one. If it was free to do so, or only impacted those who wanted that without complicating the code a lot, it'd absolutely be a good improvement. Unfortunately, there's no simple way to ensure that and I don't know of anyone actively working to figure out a way, but I disagree with the idea that the current state is 'a good thing'. Thanks, Stephen
Attachment:
signature.asc
Description: PGP signature
