security issues
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: pgsql-admin@xxxxxxxxxxxxxxxxxxxx
- Subject: security issues
- From: Frank Eckes <frank.eckes@xxxxxxxxx>
- Date: Fri, 10 Dec 2021 15:33:36 +0100
- User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.14.0
Hi everybody,
To access data in a PostgreSQL database I write queries which contains
the business rules
how t access data. This is working fine and also the permission are
working fine.
But I found out that a user can see the complete business rules in a
query or a procedure which is
a big security issue.
Is there e possibility that I can hide the definition and th user can
only see the data or can execute
the procedure/function.
And even worse, if i define a foreign server (e.g ORACLE) everybody can
see the credentials in a user mapping
which should not be allowed. This might be a show stopper of using
PostgreSQL in security environments.
Regards
Frank Eckes
[Index of Archives]
[Postgresql Home]
[Postgresql General]
[Postgresql Performance]
[Postgresql PHP]
[Postgresql Jobs]
[PHP Users]
[PHP Databases]
[PHP Home]
[PHP on Windows]
[Kernel Newbies]
[PHP Classes]
[PHP Databases]
[Yosemite Forum]
