Discussion:
Hiding users and databases
Ross Dougherty
2014-10-17 02:48:25 UTC
Permalink
Hi all,

We run database servers that each contain multiple customer databases.
We would like to give customers access to their own database but even
though they are unable to connect to the databases of other customers
due to connect grants they are still able to see all other databases
and users on the server.

Is there a way to mask or hide databases which they don’t have connect
grants to and hide users/roles aside from their own? I have found some
methods involving modifying the system catalogs but would prefer not
to do this. I would like to avoid renaming all users/databases to
non-identifiable names if possible but so far I think this is my only
option. Any other suggestions would be appreciated.

Thanks,
Ross
--
Sent via pgsql-general mailing list (pgsql-***@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
Bruce Momjian
2014-10-18 02:40:23 UTC
Permalink
Post by Ross Dougherty
Hi all,
We run database servers that each contain multiple customer databases.
We would like to give customers access to their own database but even
though they are unable to connect to the databases of other customers
due to connect grants they are still able to see all other databases
and users on the server.
Is there a way to mask or hide databases which they don’t have connect
grants to and hide users/roles aside from their own? I have found some
methods involving modifying the system catalogs but would prefer not
to do this. I would like to avoid renaming all users/databases to
non-identifiable names if possible but so far I think this is my only
option. Any other suggestions would be appreciated.
I know of now way to do this except use random strings for usernames and
database names.
--
Bruce Momjian <***@momjian.us> http://momjian.us
EnterpriseDB http://enterprisedb.com

+ Everyone has their own god. +
--
Sent via pgsql-general mailing list (pgsql-***@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
Andreas Kretschmer
2014-10-18 07:16:43 UTC
Permalink
Post by Ross Dougherty
Hi all,
We run database servers that each contain multiple customer databases.
We would like to give customers access to their own database but even
though they are unable to connect to the databases of other customers
due to connect grants they are still able to see all other databases
and users on the server.
Is there a way to mask or hide databases which they don’t have connect
grants to and hide users/roles aside from their own? I have found some
I'm working for a hosting privider, and we are using this:

http://wiki.postgresql.org/wiki/Shared_Database_Hosting

(yeah, he is a colleague ...)



Andreas
--
Really, I'm not out to destroy Microsoft. That will just be a completely
unintentional side effect. (Linus Torvalds)
"If I was god, I would recompile penguin with --enable-fly." (unknown)
Kaufbach, Saxony, Germany, Europe. N 51.05082°, E 13.56889°
--
Sent via pgsql-general mailing list (pgsql-***@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
Loading...