Thanks for your help I want to restrict some postgres users as much as possible and allow them to execute a few my own stored procedures only.
If I block access using: REVOKE ALL ON pg_catalog.pg_proc FROM PUBLIC; REVOKE ALL ON FUNCTION pg_catalog.pg_get_functiondef(oid) FROM PUBLIC; the user will fail to select procedure's body from pg_catalog.pg_proc and using psql \sf of \ef. Is this method correct? 2015-02-12 11:53 GMT+03:00 Saimon Lim <aimon.s...@gmail.com>: > For clarification - I run the commands using psql program. > > 2015-02-11 12:54 GMT+03:00 Saimon Lim <aimon.s...@gmail.com>: > >> Hi >> I want to hide my own stored procedures' bodies from the specific user. >> As far as I know, procedure's body is visible in the pg_catalog.pg_proc >> table. >> >> So, I did the following: >> REVOKE ALL ON pg_catalog.pg_proc FROM PUBLIC; >> >> And after it, when user tries: >> SELECT * from pg_proc; >> >> The following error occurs: >> ERROR: permission denied for relation pg_proc >> >> It turns out that user don't have access to the body of the procedure. >> But I still can get stored procedure's body using >> \sf function_name >> or with >> \ef function_name >> >> So, how can I completely hide my own stored procedure's bodies from this >> user? >> >> Thanks in advance >> Saimon >> > >
