| From: | Bruno Wolff III <bruno(at)wolff(dot)to> |
|---|---|
| To: | ivan <ivan(at)psycho(dot)pl> |
| Cc: | pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: SECURITY |
| Date: | 2003-05-22 12:31:05 |
| Message-ID: | 20030522123105.GB20191@wolff.to |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
On Wed, May 21, 2003 at 20:18:03 +0200,
ivan <ivan(at)psycho(dot)pl> wrote:
>
>
> why when i create user and create database for this user, he can connect
> to my others database , (not only his own) and create there tables and
> etc.
> He can not select , delete etc but he can create something and then drop
> this , is can be like a bug ?
In 7.2 and higher you can control this (being able to connect to a database)
in pg_hba.conf by setting up per user per database rules for authentication
methods.
As an alternative in 7.3 and higher you can control being able to create
objects in a database. To prevent creation of schemas and temporary tables
issue:
REVOKE ALL ON DATABASE database_name FROM PUBLIC;
The PUBLIC schema allows object creation by default. To prevent people
from creating objects there issue:
REVOKE CREATE ON SCHEMA PUBLIC FROM PUBLIC;
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Eugene M. Zheganin | 2003-05-22 12:37:01 | Re: Full vacuuming of BIG tables takes too long |
| Previous Message | Bruno Wolff III | 2003-05-22 12:13:15 | Re: Date question.... |