| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Kenneth Downs <ken(at)secdat(dot)com> |
| Cc: | David Legault <legault(dot)david(at)gmail(dot)com>, alvherre(at)commandprompt(dot)com, pgsql-general(at)postgreSQL(dot)org |
| Subject: | Re: ROLE INHERIT |
| Date: | 2007-02-16 06:58:28 |
| Message-ID: | 11726.1171609108@sss.pgh.pa.us |
| Lists: | pgsql-general |

Kenneth Downs <ken(at)secdat(dot)com> writes:

> Except for the hole. On a public site that lets users register, we have
> to have a way to let the web server assume the role of somebody who has
> createuser privilege, and that's pretty much the end of the no-root
> policy. If an exploit could be placed, it could simply go into that
> mode and create a superuser.
>
> What would be really nice is if you could limit the ability of
> CREATEUSER to grant roles.

I believe that a role that has CREATEROLE but not SUPERUSER can only
create non-SUPERUSER roles. Does that help?

regards, tom lane
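
A check of the behaviour described in the reply above, added here as an example that is not part of the original message or of the PostgreSQL project's own material: it gives a registration role CREATEROLE without SUPERUSER and confirms that superuser creation is refused. It also tests `ALTER ROLE ... SUPERUSER`, which goes one step beyond what the reply states. Assumptions: the role names (`web_registrar`, `site_user_1`, `escalated`) are constructed, the session starts as a superuser in a scratch database, and the server is PostgreSQL 9.0 or later (for `DO`).

```sql
-- Added example. Role names are constructed for illustration.
-- Run as a superuser in a scratch database.
CREATE ROLE web_registrar NOLOGIN CREATEROLE NOSUPERUSER;

-- Role attributes are not inherited; SET ROLE is needed to act with them.
SET ROLE web_registrar;

-- Allowed: an ordinary account for a newly registered user.
CREATE ROLE site_user_1 LOGIN;

-- Must be refused: creating a superuser, or promoting an existing role.
DO $$
BEGIN
    BEGIN
        CREATE ROLE escalated SUPERUSER;
        -- Reached only if the server accepted the statement above.
        RAISE EXCEPTION 'CREATE ROLE ... SUPERUSER was not refused';
    EXCEPTION WHEN insufficient_privilege THEN
        RAISE NOTICE 'refused: CREATE ROLE ... SUPERUSER';
    END;
    BEGIN
        ALTER ROLE site_user_1 SUPERUSER;
        RAISE EXCEPTION 'ALTER ROLE ... SUPERUSER was not refused';
    EXCEPTION WHEN insufficient_privilege THEN
        RAISE NOTICE 'refused: ALTER ROLE ... SUPERUSER';
    END;
END
$$;

RESET ROLE;

-- Confirm that no role touched above carries the superuser attribute.
-- 'escalated' should not appear in the result at all.
SELECT rolname, rolsuper, rolcreaterole
FROM pg_roles
WHERE rolname IN ('web_registrar', 'site_user_1', 'escalated');

-- Clean up the constructed roles.
DROP ROLE site_user_1;
DROP ROLE web_registrar;
```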