That's because the
definitions of the functions are not stored in the schema.
functions are stored in
the pg_catalog schema in the pg_proc table and views are accessible via
the multiple pg_get_viewdef functions in the same schema.
If you block access to
that table and fucntion then pgadmin would not be able to show the
function or view definition.
However, as long as the
user has access to a backup, they have access to all the definitions,
no matter what you do.
Sim
-------- Original
Message --------
Subject: create a limited user in Postgre
From: Willy-Bas Loos <willybas@xxxxxxxxx>
To: Sim Zacks <sim@xxxxxxxxxxxxxx>
Date: Tuesday, January 22, 2008 09:53:13 AM
>and another that only could make queries and could not
see nor
>modify the functions.
Up until 8.1 it is possible to see all the functions (plpgsql code) in
pgAdmin, even if you don't have access rights to the schema.
I'm not sure how this is in 8.2 or 8.3?
WBL
On Jan 22, 2008 7:02 AM, Sim Zacks <
sim@xxxxxxxxxxxxxx>
wrote:
That's
not very open-source of you. LOL.
Aside from database permission issues, which are not a problem, you
would also
have to not give them superuser access to their own database server
(something
that a lot of companies will not be happy with). Especially if they
want to the
possibility of other databases on the server. You would also have to
prevent
them from holding onto the backups, something that most companies would
not
tolerate at all.
sim
Guillermo Arias wrote:
> Hi, i have a question:
>
> I have a database and i want to create a administrator user with
total
> control and another that only could make queries and could not see
nor
> modify the functions.
>
> The reason is that in the database that i will distribute are the
> functions with a big part of the software logics and i do not want
> these to be seen by my customers.
>
> Thanks in advance, Guillermo
---------------------------(end of broadcast)---------------------------
TIP 1: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to
majordomo@xxxxxxxxxxxxxx so that your
message can get through to the mailing list cleanly
