| From: | Ivan Voras <ivoras(at)gmail(dot)com> |
|---|---|
| To: | "pgsql-general(at)postgresql(dot)org" <pgsql-general(at)postgresql(dot)org> |
| Subject: | Roles inherited from a role which is the owner of a database can drop it? |
| Date: | 2017-10-30 19:25:07 |
| Message-ID: | CAF-QHFV-BW-4T6GYJ_qr0J7iaLUuVq2G1=WEnP7BbwDEfP+FAg@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Hello,
I just want to verify that what I'm observing is true, and if it is, I'd
like to know how to avoid it:
1. There are databases owned by a certain role which is a superuser
2. Nobody logs in with the superuser role unless necessary
3. But they do log in with "developer" roles which are inherited from the
owner role. These developer roles are not superusers themselves, but have
the CREATEDB flag
4. The developer roles can still drop the databases.
I've tried it on a dummy database and it apparently works as described
here. Is this by design?
If it is, is there a way to prevent the developer roles from dropping the
databases?
What are the best practices for this sort of scenario where there is a
single owner of all the schema (which is large), where developers need
access to everything but cannot do something as drastic as dropping the dbs
(and possibly tables)?
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Arthur Zakirov | 2017-10-30 20:58:00 | Re: pg_audit to mask literal sql |
| Previous Message | rakeshkumar464 | 2017-10-30 17:55:17 | pg_audit to mask literal sql |