Tom Lane-2 wrote > Saimon < > aimon.slim@ > > writes: >> I want to restrict access for some user for tables and views in >> pg_catalog >> schema. > > The system is not designed to support this, and you should not expect to > succeed at hiding things this way. I would expect a note at: http://www.postgresql.org/docs/9.4/interactive/catalogs.html indicating what you've noted above. "Furthermore, the contents of each table, unless noted in the table's description, is viewable by all users and cannot be revoked. In particular, the contents of functions (pg_proc) are visible even if the user has not been given permissions sufficient to EXECUTE the function." A similar note should be added to both the pg_proc page and the "CREATE FUNCTION" SQL command page. The fact that the contents of a function are visible even to users unable to execute said function is not something that would be readily assumed or considered by a novice. Have I generalized to the point of being incorrect and/or miss where this is discussed elsewhere in the documentation? While not frequent this seems to come up enough to warrant documentation of the system's design choices in this area. David J. -- View this message in context: http://postgresql.nabble.com/Revoking-access-for-pg-catalog-schema-objects-tp5838337p5838367.html Sent from the PostgreSQL - general mailing list archive at Nabble.com. -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
