Hi Christopher, > > "The \l command should only list databases that the current user is > > authorized for, the \du command should only list users authorized for the > > current database (and perhaps only superusers should get even that much > > information), etc. Perhaps it is possible to set PG to do this, but that > > should probably be the default." > > Seem reasonable. Why not prevent normal users to dig on the pg_catalog? What is the impact of it?
> Well, you can just go SELECT * FROM pg_database; so fixing \l won't do > anything. > > I too would like to see more security in this respect, but it will be > difficult if not impossible to implement methinks... > Why is it "impossible"? -- Euler Taveira de Oliveira euler (at) ufgnet.ufg.br Desenvolvedor Web e Administrador de Sistemas UFGNet - Universidade Federal de Goiás ---------------------------(end of broadcast)--------------------------- TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]
