From: | "John Madden" <jmadden(at)ivytech(dot)edu> |
---|---|
To: | <pgsql-admin(at)postgresql(dot)org> |
Subject: | security issue - database user |
Date: | 2002-08-05 16:01:34 |
Message-ID: | 46234.168.91.2.45.1028563294.squirrel@mail.ivytech.edu |
Lists: | pgsql-admin |

(My apologies if this has been posted before - as you'll see, this isn't
the easiest thing to find in the archives.)

The scenario: We want to allow common users access to their own databases
for development.

The issue: As a user (not a superuser), I can modify any database on the
system, albeit only through CREATE TABLE.

CREATE USER myuser WITH PASSWORD 'blah' CREATEDB;

psql template1 -h db -U myuser
(password auth)
template1 => CREATE DATABASE myuser;

(re-auth as user postgres, drop createdb privs)
ALTER USER myuser NOCREATEDB;

Now, we connect to our database (myuser) as myuser and go about our
business. However, I can connect to any other database I've got access to
through pg_hba.conf:

psql somedb -h db -U myuser
(password auth)
somedb => \d

I can't modify/etc. any existing tables, as one would expect, but:

somedb=> CREATE TABLE mytable(test text);
CREATE

Why is this allowed? Any way to prevent it? We've got a lot of users
working on a development server that obviously has hba to quite a few
databases...

Thanks,
John
--
John Madden
UNIX Systems Engineer
Ivy Tech State College
jmadden(at)ivytech(dot)edu
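
One way to close the gap described in the message above, as an added example that is not part of the original post or thread. It assumes a PostgreSQL release that has schemas and the database-level CONNECT privilege (both arrived after this 2002 message), is run as a superuser from psql, and reuses the message's names `myuser` and `somedb`.

```sql
-- Added example, not from the original message. Run as a superuser in psql.
-- \connect is a psql meta-command, not SQL.

-- 1. In the database myuser does not own: stop ordinary roles from creating
--    objects in schema public. Where CREATE on public is granted to PUBLIC,
--    any role that can connect can run CREATE TABLE, which is the behaviour
--    the message reports.
\connect somedb
REVOKE CREATE ON SCHEMA public FROM PUBLIC;

-- 2. Keep unrelated roles out of somedb entirely. This removes the default
--    CONNECT and TEMPORARY grants to PUBLIC; the database owner and
--    superusers are unaffected. Database-level privileges are not copied
--    from a template, so this step is repeated for each database.
REVOKE ALL ON DATABASE somedb FROM PUBLIC;

-- 3. Apply the schema restriction in template1 as well, so that databases
--    created from it later start with the same restriction.
\connect template1
REVOKE CREATE ON SCHEMA public FROM PUBLIC;

-- 4. Check the result: which non-template databases can myuser still
--    connect to?
SELECT datname,
       has_database_privilege('myuser', datname, 'CONNECT') AS can_connect
FROM pg_database
WHERE NOT datistemplate
ORDER BY datname;

-- 5. Check the schema side; run this while connected to each database of
--    interest, since it inspects schema public of the current database.
\connect somedb
SELECT has_schema_privilege('myuser', 'public', 'CREATE')
       AS can_create_in_public;

-- pg_hba.conf (configuration, not SQL): a rule whose database field is
-- "sameuser" instead of "all" or a list of names only admits a role to the
-- database that carries its own name, which matches the one-database-per-user
-- layout in the message (role myuser, database myuser).
```

The SQL revokes and the pg_hba.conf restriction are independent layers: the first limits what a connected role may do, the second limits which databases it can reach at all.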