From: | ohp(at)pyrenet(dot)fr |
---|---|
To: | "scott(dot)marlowe" <scott(dot)marlowe(at)ihs(dot)com> |
Cc: | pgsql-hackers list <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: security flaw |
Date: | 2003-06-13 13:52:20 |
Message-ID: | Pine.UW2.4.53.0306131547390.14568@server.pyrenet.fr |
Lists: | pgsql-hackers |
On Tue, 10 Jun 2003, scott.marlowe wrote:
> Date: Tue, 10 Jun 2003 08:15:06 -0600 (MDT)
> From: scott.marlowe <scott(dot)marlowe(at)ihs(dot)com>
> To: ohp(at)pyrenet(dot)fr
> Cc: pgsql-hackers list <pgsql-hackers(at)postgresql(dot)org>
> Subject: Re: [HACKERS] security flaw
>
> On Sat, 7 Jun 2003 ohp(at)pyrenet(dot)fr wrote:
>
> > Hi all,
> >
> > I wonder if it's a security problem: One of my customers noticed that he
> > could see all databases on the system with phppgadmin. Not only does he see
> > databases but also tables, views, functions... Fortunately he can't see any row.
> >
> > This customer has the ability to create databases but not users.
> > I wonder if the super_user privilege should be separated from the
> > privilege of creating databases/users.
> >
> > I also think that only a superuser should list databases and objects.
> >
> > What do you think?
>
> Since security by obscurity is presumed to be ineffective, conversely,
> revealing the location of an object produces no real decrease in security.
>
> Now, it might be nice from the user's perspective if they could filter out
> the stuff they don't have access to, in order to ensure a nice neat little
> view of their own data in a galaxy of information (i.e. 100 other users
> each with their own data set and privileges.)
>
> Since schemas provide a simple way to limit your own view, they provide
> for that function.
>
> Can phppgadmin be programmed to only use certain search paths in the
> schema?
>
>
Hmm. Surely I didn't make myself clear, PhpPgAdmin is not a problem here.
The problem is user A is owner of databases X1, Y1, Z1
user B is owner of databases X2, Y2, Z2
both users can see the other's DBs by doing a simple \l
It would be nice that unless a user is superuser he couldn't see databases
that are not his.
BTW how can I change ownership of databases and tables easily?
--
Olivier PRENANT Tel: +33-5-61-50-97-00 (Work)
Quartier d'Harraud Turrou +33-5-61-50-97-01 (Fax)
31190 AUTERIVE +33-6-07-63-80-64 (GSM)
FRANCE Email: ohp(at)pyrenet(dot)fr
------------------------------------------------------------------------------
Make your life a dream, make your dream a reality. (St Exupery)
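An added example, not part of this thread, showing in SQL why \l reveals every database name, how to check what a role can actually reach, and how ownership is changed. It assumes a modern PostgreSQL release (8.2 or later) rather than the 2003-era server discussed above; the role names user_a and user_b, the database x1 and the table some_table are placeholders.

```sql
-- Added example (not from the thread). Assumes PostgreSQL 8.2+;
-- user_a, user_b, x1 and some_table are placeholder names.

-- 1. What \l reads: pg_database is readable by every connected role,
--    so any user can list all database names and their owners.
SELECT d.datname, r.rolname AS owner
FROM pg_catalog.pg_database d
JOIN pg_catalog.pg_roles r ON r.oid = d.datdba
ORDER BY d.datname;

-- 2. Seeing a name is not the same as reaching the data: check whether
--    a given role may connect to each database at all.
SELECT d.datname,
       has_database_privilege('user_b', d.datname, 'CONNECT') AS can_connect
FROM pg_catalog.pg_database d
ORDER BY d.datname;

-- 3. Limit what a listed name gives away: remove the default CONNECT
--    grant from PUBLIC and grant it only to the owning role.
REVOKE CONNECT ON DATABASE x1 FROM PUBLIC;
GRANT CONNECT ON DATABASE x1 TO user_a;

-- 4. Changing ownership (the question at the end of the reply):
ALTER DATABASE x1 OWNER TO user_b;          -- the database itself
ALTER TABLE some_table OWNER TO user_b;     -- one table
-- or every object user_a owns inside the current database at once:
REASSIGN OWNED BY user_a TO user_b;
```

Superusers bypass the CONNECT check, so step 3 only narrows what ordinary roles can open, not what they can see listed.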