Re: AW: [Extern] Re: PG16.1 security breach?

From: Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com>
To: "Zwettler Markus (OIZ)" <Markus(dot)Zwettler(at)zuerich(dot)ch>, Joe Conway <mail(at)joeconway(dot)com>, "pgsql-general(at)lists(dot)postgresql(dot)org" <pgsql-general(at)lists(dot)postgresql(dot)org>
Subject: Re: AW: [Extern] Re: PG16.1 security breach?
Date: 2024-06-07 14:35:58
Message-ID: 97b9b4c3-fb20-47e6-ba7f-e1d874ba2531@aklaver.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

On 6/7/24 06:54, Zwettler Markus (OIZ) wrote:
>> -----Ursprüngliche Nachricht-----
>> Von: Joe Conway <mail(at)joeconway(dot)com>
>> Gesendet: Freitag, 7. Juni 2024 15:22
>> An: Zwettler Markus (OIZ) <Markus(dot)Zwettler(at)zuerich(dot)ch>; pgsql-
>> general(at)lists(dot)postgresql(dot)org
>> Betreff: [Extern] Re: PG16.1 security breach?
>>
>> On 6/7/24 07:04, Zwettler Markus (OIZ) wrote:

>
> Argh. No! What a bad habit!
>
> Might be good idea for an enhancement request to create a global parameter to disable this habit.

Read this

https://www.postgresql.org/docs/current/ddl-priv.html

through several times, it will make things clearer. In particular the
part that starts "PostgreSQL grants privileges on some types of objects
to PUBLIC by default when the objects are created. ..."

>
> Thanks Markus
>

--
Adrian Klaver
adrian(dot)klaver(at)aklaver(dot)com

In response to

Browse pgsql-general by date

  From Date Subject
Next Message David G. Johnston 2024-06-07 14:42:31 PG16.1 security breach?
Previous Message Laurenz Albe 2024-06-07 14:32:44 Re: AW: [Extern] Re: PG16.1 security breach?