Re: restrict_nonsystem_relation_kind led to regression (kinda)
| От | Alvaro Herrera |
|---|---|
| Тема | Re: restrict_nonsystem_relation_kind led to regression (kinda) |
| Дата | |
| Msg-id | 202409231550.kxakjf6y2ykq@alvherre.pgsql обсуждение исходный текст |
| Ответ на | restrict_nonsystem_relation_kind led to regression (kinda) (Magnus Holmgren <magnus.holmgren@milientsoftware.com>) |
| Список | pgsql-hackers |
Hi Magnus, On 2024-Sep-23, Magnus Holmgren wrote: > We've set allow_system_table_mods = on so that we could rename > pg_database and in its place put a custom view that only lists the > databases the current user has CONNECT privileges to. This is because > 1) we allow customers direct (read only) access to their databases, but > 2) we don't want them to see the other customers, and 3) restricting > access to pg_database altogether leads to the GUIs the customers use > spamming error messages because they expect pg_database to be readable, > and that makes the customers (or their consultants) annoyed. Your use case and problem seem to match bug report #18604 almost exactly: https://postgr.es/m/18604-04d64b68e981ced6@postgresql.org I suggest to read that discussion, as it contains useful information. As I understand, you're only really safe (not just theatrically safe) by giving each customer a separate Postgres instance. Regards -- Álvaro Herrera PostgreSQL Developer — https://www.EnterpriseDB.com/
В списке pgsql-hackers по дате отправления: