Re: security flaw

From: "scott(dot)marlowe" <scott(dot)marlowe(at)ihs(dot)com>
To: <ohp(at)pyrenet(dot)fr>
Cc: pgsql-hackers list <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: security flaw
Date: 2003-06-10 14:15:06
Message-ID: Pine.LNX.4.33.0306100810090.13190-100000@css120.ihs.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On Sat, 7 Jun 2003 ohp(at)pyrenet(dot)fr wrote:

> Hi all,
>
> I wonder if it's a security problem: One of my customer noticed that he
> could see all databases on the system with phppgadmin. not only he sees
> databases but tables, views, fonctions... Fortunatly he can't see any row.
>
> This customer has the ability to create databases but not users.
> I wonder if the super_user privilege should be separated from the
> priviledge of creating databases/users.
>
> I alose think that only a superuser should list databases and objects.
>
> What do you think?

Since security by obscurity is presumed to be ineffective, conversely,
revealing the location of an object produces no real decrease in security.

Now, it might be nice from the user's perspective if they could filter out
the stuff they don't have access to, in order to ensure a nice neat little
view of their own data in a galaxy of information (i.e. 100 other users
each with their own data set and priveldges.)

Since schemas provide a simple way to limit your own view, they provide
for that function.

Can phppgadmin be programmed to only use certain search paths in the
schema?

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message J.R. Nield 2003-06-10 14:49:45 Returning to the List
Previous Message Tom Lane 2003-06-10 14:11:00 Re: host and hostssl equivalence in pg_hba.conf