nay be not all, but only select from same function.
Is there sht like umask
On Wed, 16 Jul 2003, Tom Lane wrote:
> ivan <[EMAIL PROTECTED]> writes:
> > In my project i need close everything even most of pg_catalog.
> > User shoudl exec only special func. and not more. He know which they are
ivan <[EMAIL PROTECTED]> writes:
> In my project i need close everything even most of pg_catalog.
> User shoudl exec only special func. and not more. He know which they are.
It sounds to me like you shouldn't be allowing your users to execute SQL
commands directly at all.
> > and how disallow : LISTEN , SET , RESET , and SHOW ?
>
> Explain why we should?
>
When you want to LISTEN sth pg insert rec into pg_listens (?) or somewhere
there, so why someone could rubish my db ?
In my project i need close everything even most of pg_catalog.
User shoudl exec only special
ivan <[EMAIL PROTECTED]> writes:
> why when i revoke all on scheme pg_catalog from all (with public)
> i can make select from pg_ tables and views as ordinary user ??
Hm. pg_catalog is forcibly placed into the search path, thus bypassing
the normal check on whether you have USAGE privilege on it.
hi,
why when i revoke all on scheme pg_catalog from all (with public)
i can make select from pg_ tables and views as ordinary user ??
I can usage this scheme so why i can makeing select ?
Then i remove SELECT perm from PUBLIC on pg_ tables and then i cant
makeing select from this tables , but i c