PropAAS DBA <dba@xxxxxxxxxxx> writes: > We have a client which is segmenting their multi-tenant cluster > (PostgreSQL 9.6) by schema, however if one of their clients connects via > pgadmin they see ALL schemas, even the ones they don't have access to > read. I assume pgadmin is pulling the list from the system catalogs. > What's the right/best practice approach? revoke all from public on > specific system catalog tables? Which tables? Messing with the system catalog permissions is likely to break stuff you'd rather not break. PG generally doesn't assume that anything in the system catalogs is sensitive. If you don't want user A looking at user B's catalog entries, give them separate databases, not just separate schemas. regards, tom lane
