The security documentation available in the official documentation is rather sparse. Is there a more detailed document I should be aware of?
As an example, I'd like to prevent a a user from being able to get a list of existing databases. Presumably, I can limit access to various system catalogs to prevent this sort of thing, but if existing documentation exists it might prevent me from shooting myself in the foot too badly.