Re: [EXT]: Re: BUG #18604: Regression in PostgreSQL 16.4: pg_dump Prevents Essential System Table Modifications

On 9/6/24 22:19, Christophe Pettus wrote:
>> On Sep 6, 2024, at 19:17, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>> What does it matter if someone can see that database XYZ exists,
>> as long as they can't connect to it?
> I think in the OP's case, the database naming convention leaked
> information about customers, but using random DB names (while maybe
> not aesthetically pleasing) gets around that issue.

Yeah, but there are other issues, e.g. leaked usernames of the other 
customers too.

There is definitely demand for using PostgreSQL in multitenant use 
cases, but there are multiple problems to solve before people with those 
use cases will be happy.

I think Tom's suggestion regarding RLS on system catalogs was one 
approach bandied about in the past, but unless I am mistaken we never 
committed the patch to allow RLS on system catalogs (or did I miss that?)

-- 
Joe Conway
PostgreSQL Contributors Team
RDS Open Source Databases
Amazon Web Services: https://aws.amazon.com