Postgresql – Postgres 10. Hide users/roles from other users

Tags: permissions, postgresql, postgresql-10, role, users

I have a postgresql 10 installed and I want to hide the name of users/roles to other users. I searched through other posts and somebody suggested this:

REVOKE SELECT ON pg_catalog.pg_authid FROM public;
REVOKE SELECT ON pg_catalog.pg_auth_members FROM public;

After doing all of this, user1 can't dig into the info of a user (Error retrieving roles from the database server. ERROR: permission denied for relation pg_auth_members), but can still list them all, as you can see in the next image:


Of course user1 is not a superuser.

I already tested this with no effect:

REVOKE SELECT ON pg_catalog.pg_roles FROM user1;
REVOKE SELECT ON pg_catalog.pg_user FROM user1;

Tested this too with no effect:

REVOKE SELECT ON pg_catalog.pg_authid FROM user1;
REVOKE SELECT ON pg_catalog.pg_auth_members FROM user1;

If I run these next statements, users can't log in and everything is broken:

REVOKE SELECT ON pg_catalog.pg_roles FROM public;
REVOKE SELECT ON pg_catalog.pg_user FROM public;

Is there a way to achieve this? It is very important to me to hide the names of the users from other users.

Background: I'm creating a hacking CTF (capture the flag) virtual machine. This is one of the challenges… the point is to stop a user from being able to see the "right database user name" to connect with. That's something he/she must find inside the database by finding hints and other cryptographic stuff.

Edit: a "sad" workaround is to create hundreds of dummy users in order to "try to hide" the real one… but there must be an elegant solution for this. Any help?

Best Answer

pgAdmin is using pg_roles to show that information, so it is enough to run

REVOKE SELECT ON pg_catalog.pg_roles FROM public;

But since the information is available in other views as well, you would need to hide those too, for instance the pg_user and pg_shadow views.

It should not stop users from logging in nor break anything, since those views are not used during authentication, so you should make sure that you didn't change anything else. The logs might show you the reason why they can't log in.
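The revocations the answer describes, followed by a check from a superuser session that user1 really can no longer read the role catalogs. This is an added example, not code from the original question or answer; it assumes a non-superuser role named user1 exists, that the script is run by a superuser in psql with autocommit on, and the role name ctf_admin is hypothetical.

```sql
-- Added example (not from the original post). Run as a superuser.
-- 1. Hide role names from everyone except superusers.
REVOKE SELECT ON pg_catalog.pg_roles FROM PUBLIC;         -- used by pgAdmin and psql \du
REVOKE SELECT ON pg_catalog.pg_user FROM PUBLIC;          -- public view over pg_shadow
REVOKE SELECT ON pg_catalog.pg_auth_members FROM PUBLIC;  -- role membership
-- pg_shadow and pg_authid are readable only by superusers by default,
-- so revoking on them again is harmless but changes nothing.

-- 2. Optionally hand the visibility back to a trusted non-superuser
--    admin role (hypothetical name), since PUBLIC no longer covers it.
-- GRANT SELECT ON pg_catalog.pg_roles TO ctf_admin;

-- 3. Verify by impersonating user1 from the superuser session.
SET ROLE user1;
SELECT rolname FROM pg_catalog.pg_roles;
-- expected on PostgreSQL 10: ERROR:  permission denied for relation pg_roles
SELECT usename FROM pg_catalog.pg_user;
-- expected on PostgreSQL 10: ERROR:  permission denied for relation pg_user
RESET ROLE;

-- 4. Confirm that authentication is unaffected; from a shell, not SQL:
--    psql -U user1 -d <dbname> -c 'SELECT current_user'
--    If this fails, the cause is something other than these REVOKEs;
--    check the server log as the answer suggests.
```

Treat this as reducing casual visibility rather than a hard boundary: role names still surface elsewhere, for example in the usename column of pg_stat_activity for sessions the user is allowed to see.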