Tom Lane wrote:

> "Merlin Moncure" <[EMAIL PROTECTED]> writes:
>
>> However, I think PostgreSQL has a fairly serious security problem in
>> that the system catalogs are open to the public. I don't seem to be
>> winning many supporters on this particular point though.
>
> No, you're not, and it's not like we've never heard this argument before.
>
> Just upthread there were several complaints about the information_schema
> being too restrictive to be useful --- I think we'd get a whole lot more
> of that if we tried to prevent direct examination of the catalogs.

There is a case for a facility to "harden" postgres. My experiments some time ago show you can pretty much hide everything without breaking anything badly if you're careful. I have it on my personal TODO list to complete a hardening script - although I have no idea when I'll get to it.


cheers

andrew
