Bruce Momjian wrote:
KaiGai Kohei wrote:
Bruce Momjian wrote:
I think we could use row-level access control to prevent people from
seeing databases they should not see in pg_database.
The row-level database ACL which I submitted yesterdat does not allow
to assign ACLs to tuples within system catalogs (like pg_database),
because it is unclear who should be the owner of tuples.
As I noted at the previous message, it considers the owner of the table
as the owner of the tuples due to several reasons. However, some of system
catalogs have its owner field like "pg_proc.proowner".
This limitation is not a fundamental one, so we can remove it soon.
But, who should be the owner of tuples within system catalogs which have
some kind of "owner" field.
The Postgres super-user should be the owner of all system tables.
OK, I'll update it soon.
--
OSS Platform Development Division, NEC
KaiGai Kohei <[EMAIL PROTECTED]>
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
