Hi,
We have a PostgreSQL 7.3.4 cluster which is used by several
customers. Every customer has his own database. I have
revoked SELECT access on pg_user from the customers, because
they should not be able to see which other customers exist
on the cluster.
However, now the customers cannot use pg_dump anymore:
<QUOTE>
pg_dump: SQL command failed
pg_dump: Error message from server: ERROR: pg_user: permission denied
pg_dump: The command was: select (select usename from pg_user where usesysid = datdba) as dba, encoding, datpath from
pg_databasewhere datname = 'antonhurz'
</QUOTE>
Is there any way to resolve the problem?
If I understand things right, every DB has its own copy of
pg_user, right? Then I _should_ be able to delete all other
users from pg_user, except the owner of the DB (and possibly
the pgsql superuser), then grant SELECT access back to
everyone. Repeat that step for every database.
Would that work? I'm a bit reluctant to just try it,
because I don't want to break anything and make matters
worse.
Any help would be greatly appreciated! Thanks in advance!
Regards
Oliver
--
Oliver Fromme, secnetix GmbH & Co KG, Oettingenstr. 2, 80538 München
Any opinions expressed in this message may be personal to the author
and may not necessarily reflect the opinions of secnetix in any way.
"I have stopped reading Stephen King novels.
Now I just read C code instead."
-- Richard A. O'Keefe