On Tue, Jun 06, 2006 at 12:15:24PM -0600, William K. Volkman wrote:
> On Tue, 2006-06-06 at 10:43, Michael Bayer wrote:
> > On Jun 5, 2006, at 11:50 PM, William K. Volkman wrote:
> >
> The fact that they've gone to the trouble to constrain certain
> fields to only be visible to the table owner
> indicates that they've done it on purpose. I.E. As Owner:
>
> sat=# select column_name, column_default
> from information_schema.columns
> where table_name = 'departments';
> column_name | column_default
> -----------------+-------------------------------------------------------
> department_id | nextval('public.departments_department_id_seq'::text)
> department_name |
>
> As a non-owner:
> column_name | column_default
> -----------------+----------------
> department_id |
> department_name |
>
it's not like this. Try as a not owner user to use \d to retrieve
information and you'll get all you need to reflect. When I opened ticket '71
I also suggested a whay to get Primary keys and foreign keys w/o any
privileges, just studying what psql does upon '\d table_name' with option -E.
> One reasoning probably lies in commercial deployment of the
> database. Don't permit the users to reverse engineer the
> database or give out information that could be used to break
> it.
security by obscurity? mmh not what I call security!
A broken reflection is what make me for the moment have all people
connect with the same user. That's *totally* unsecure!
And to spend one more word about reflection: I definitely want a single
point where info on the db are stored, and that's the db. I may even forget
about how many application I made to get to a db but if the structure is
reflected all the times I'm sure the information get to the wright place when
needed. (Btw: I'd really like to see the error raised when autoloading if
the table does not exist, as recently proposed)
sandro
*:-)
--
Sandro Dentella *:-)
http://www.tksql.org TkSQL Home page - My GPL work
_______________________________________________
Sqlalchemy-users mailing list
Sqlalchemy-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlalchemy-users
