Search Postgresql Archives

Re: How to hide stored procedure's bodies from specific user

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Thanks for your help

I want to restrict some postgres users as much as possible and allow them to execute a few my own stored procedures only.

If I block access using:

REVOKE ALL ON pg_catalog.pg_proc FROM PUBLIC;
REVOKE ALL ON FUNCTION pg_catalog.pg_get_functiondef(oid) FROM PUBLIC;

the user will fail to select procedure's body from pg_catalog.pg_proc and using psql \sf of \ef.
Is this method correct?

2015-02-12 11:53 GMT+03:00 Saimon Lim <aimon.slim@xxxxxxxxx>:
For clarification - I run the commands using psql program.

2015-02-11 12:54 GMT+03:00 Saimon Lim <aimon.slim@xxxxxxxxx>:
Hi
I want to hide my own stored procedures' bodies from the specific user.
As far as I know, procedure's body is visible in the pg_catalog.pg_proc table.

So, I did the following:
REVOKE ALL ON pg_catalog.pg_proc FROM PUBLIC;

And after it, when user tries:
SELECT * from pg_proc;

The following error occurs:
ERROR:  permission denied for relation pg_proc

It turns out that user don't have access to the body of the procedure.
But I still can get stored procedure's body using
\sf function_name 
or with 
\ef function_name

So, how can I completely hide my own stored procedure's bodies from this user?

Thanks in advance
Saimon


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux