It is a follow up to my first question. I am still interested in knowing
if we can create a pure read only user in postgres, which has no access
to system catalogs.
The alternative I am thinking is using a separate instance and use
dblink or replication tool to refresh data. Do you know if we can hide
connection details from a user if we use dblink? I just want to make
sure this read only
user does not go and query our system catalogs in production server.
Dblink should be easier to implement than using replication tool.
Thanks.
Dinesh
On 3/9/2011 4:24 PM, Dinesh Bhandary wrote:
> Hi All -
>
> Please let me know if this is possible to do in postgres.
>
> I am creating a read only user, which has limited access to db
> objects, primarily views. Even though this user can't query data from
> other db objects it can view the system catalog using pg* views and
> tables, thereby exposing our logical schema.
> Is there a way in postgres to limit access to system catalogs. I just
> want a pure read only user, which can do nothing but query specific
> views we outlined.
>
> Thanks!
> Dinesh
>