Re: Increasing security in a shared environment ...

Andrew Dunstan <andrew@dunslane.net> writes:
> I just played around briefly with removing *all* public access to a 
> couple of catalog tables - pg_class and pg_attrdef. Obviously this 
> breaks things like \d and friends. I'm not sure how much else it might 
> break - 

pg_dump, for starters ...

I'm not sure that hiding the contents of the current database's catalog
is all that useful a goal in practice.  If you have two users sharing a
database then probably you *want* them to be able to exchange some
amount of information.  I can see the use-case for hiding contents of
the shared tables (pg_database, pg_shadow, pg_group) in installations
where different users have different databases but you want to run just
one common postmaster.  Even there, though, it doesn't seem all that
essential --- its only usefulness is security by obscurity.
        regards, tom lane