Re: Views, views, views: Summary of Arguments

From Andrew Dunstan
Subject Re: Views, views, views: Summary of Arguments
Date
Msg-id 4284E514.8040408@dunslane.net
In reply to Re: Views, views, views: Summary of Arguments  (Josh Berkus <josh@agliodbs.com>)
Responses Re: Catalog Security WAS: Views, views, views: Summary of Arguments  (Josh Berkus <josh@agliodbs.com>)
List pgsql-hackers

Josh Berkus wrote:

>Andrew,
>
>>Not really, no. It would just be one more thing that my hardening script
>>had to remove permissions from.
>
>Hmmm ... even though the sysviews check users' permissions?  That was one of 
>our ideas behind making it "safer than the system catalogs".

It might be safer, but that doesn't hit my target at all. I am aiming at 
a zero-knowledge user, i.e. one who cannot discover anything at all 
about the db. The idea is that even if someone can subvert a client and 
get access to the db, the amount of metadata they can discover is as 
close to zero as possible.

cheers

andrew

