| From: | Sean Chittenden <sean(at)chittenden(dot)org> |
|---|---|
| To: | ivan <ivan(at)psycho(dot)pl> |
| Cc: | pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: SECURITY |
| Date: | 2003-05-22 06:39:31 |
| Message-ID: | 20030522063931.GF71079@perrin.int.nxad.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
> why when i create user and create database for this user, he can
> connect to my others database , (not only his own) and create there
> tables and etc. He can not select , delete etc but he can create
> something and then drop this , is can be like a bug ?
Nope. You need to remove access to the public schema if you want to
prevent this.
REVOKE USAGE ON SCHEMA public FROM PUBLIC;
It also might be wise for you to look at the pg_hba.conf and make use
of the samegroup directive. -sc
PS <feature_request>It'd be really slick if there was a database,
user, and method type that'd be pgsql or some such and would allow
the DBA to configure what users get access to what tables _inside_
of the database via a system catalog, leaving pg_hba.conf as an all
else fails last resort mechanism used in recovery or
bootstrapping.</feature_request>
--
Sean Chittenden
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dhananjay Mishra | 2003-05-22 06:50:45 | union of two databases with same schema |
| Previous Message | Eugene M. Zheganin | 2003-05-22 04:39:56 | Full vacuuming of BIG tables takes too long |