| From: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
|---|---|
| To: | Bryn Llewellyn <bryn(at)yugabyte(dot)com> |
| Cc: | Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com>, Neeraj M R <neerajmr12219(at)gmail(dot)com>, Tom Lane PostgreSQL <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-general list <pgsql-general(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Restricting user to see schema structure |
| Date: | 2022-05-18 01:50:11 |
| Message-ID: | CAKFQuwb-2mGYvwJn2yA_ygEbYk=uaV4w4BNi-bMotaiPNGww_A@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Tue, May 17, 2022 at 6:47 PM Bryn Llewellyn <bryn(at)yugabyte(dot)com> wrote:
> *adrian(dot)klaver(at)aklaver(dot)com <adrian(dot)klaver(at)aklaver(dot)com> wrote:*
>
> bryn(at)yugabyte(dot)com wrote:
>
> The paragraph describes very surprising behavior in the present era of
> "secure by default". The sentence "For maximum security..." at the end
> emphasizes this and has you go to some effort (CREATE and REVOKE in the
> same txn) to undo the "insecurity by default" paradigm. I s'pose that
> compatibility on upgrade means that nothing can change here.
>
>
> There is movement on this front coming in Postgres 15:
>
> https://www.postgresql.org/docs/devel/release-15.html
>
>
> Do you mean that, for example, "create database x" will no longer imply
> "grant connect on database x to public" and "create function f()" will no
> longer imply "grant execute on function f() to public"? That would be good.
> But I can't find wording to that effect on the page.
>
No, the changes are to the defaults for the public schema - which makes
actually removing it from the database post-creation less necessary.
David J.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dominique Devienne | 2022-05-18 10:07:47 | Who am I? Where am I connected? |
| Previous Message | Bryn Llewellyn | 2022-05-18 01:47:13 | Re: Restricting user to see schema structure |