Allow postgres user to only list his own database

前端 未结 4 1628
温柔的废话
温柔的废话 2021-02-15 12:50

I\'m using a postgresql server and I want to forbid my users to see what other databases are on the same server.

Essentially a \\l should only list his own

4条回答
  •  失恋的感觉
    2021-02-15 13:44

    @araqnid 's answer above seems to be the way to go except for one problem: select oid, 1262::oid as tableoid, pg_database_catalog.* will have the oid column defined twice in its results, once as expicitly given via select oid and once taken from pg_database_catalog.*. At least on Postgresql 12 create view pg_catalog.pg_database will complain that the column oid is being defined twice and will abort.

    Thus the corrected code would be:

    alter table pg_catalog.pg_database rename to pg_database_catalog;
    create view pg_catalog.pg_database as
      select 1262::oid as tableoid, pg_database_catalog.*
      from pg_catalog.pg_database_catalog
      where has_database_privilege(pg_database_catalog.oid, 'connect');    
    grant select on pg_catalog.pg_database to public;
    

    Please refer to the original answer for all other information.

    I'd be glad if somebody could confirm that my findings here are correct (or refute them).

提交回复
热议问题