| From: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
|---|---|
| To: | William Edwards <wedwards(at)cyberfusion(dot)nl> |
| Cc: | pgsql-general(at)lists(dot)postgresql(dot)org |
| Subject: | Re: Sample pg_hba.conf allows local users to access all databases |
| Date: | 2023-08-01 17:35:46 |
| Message-ID: | CAKFQuwaEgcxAu-NFF+v57yedfrzWxdgc+b00fXd3gK3PT-7PeA@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Tue, Aug 1, 2023 at 10:13 AM William Edwards <wedwards(at)cyberfusion(dot)nl>
wrote:
> This allows all local users connecting over TCP to access all databases,
> not only the databases that the user is a member of as one might expect.
>
> Proof that user is able to access database that it is not a member of is
> below.
Roles do not gain membership in databases. Roles can be granted
permissions on databases (mainly CONNECT). And all roles, via PUBLIC, get
connect privileges on all databases by default. So the pg_hba.conf entry
is not causing something to happen against the wishes of the privileges
system.
https://www.postgresql.org/docs/current/ddl-priv.html
And yes, this is a usability vs secure-by-default that hasn't seen enough
complaint to take on changing the default.
David J.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Amn Ojee Uw | 2023-08-01 18:42:41 | Re: error: connection to server on socket... |
| Previous Message | Christophe Pettus | 2023-08-01 17:34:54 | Re: Sample pg_hba.conf allows local users to access all databases |