Re: security flaw

From: ohp(at)pyrenet(dot)fr
To: "scott(dot)marlowe" <scott(dot)marlowe(at)ihs(dot)com>
Cc: pgsql-hackers list <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: security flaw
Date: 2003-06-13 13:52:20
Message-ID: Pine.UW2.4.53.0306131547390.14568@server.pyrenet.fr
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On Tue, 10 Jun 2003, scott.marlowe wrote:

> Date: Tue, 10 Jun 2003 08:15:06 -0600 (MDT)
> From: scott.marlowe <scott(dot)marlowe(at)ihs(dot)com>
> To: ohp(at)pyrenet(dot)fr
> Cc: pgsql-hackers list <pgsql-hackers(at)postgresql(dot)org>
> Subject: Re: [HACKERS] security flaw
>
> On Sat, 7 Jun 2003 ohp(at)pyrenet(dot)fr wrote:
>
> > Hi all,
> >
> > I wonder if it's a security problem: One of my customer noticed that he
> > could see all databases on the system with phppgadmin. not only he sees
> > databases but tables, views, fonctions... Fortunatly he can't see any row.
> >
> > This customer has the ability to create databases but not users.
> > I wonder if the super_user privilege should be separated from the
> > priviledge of creating databases/users.
> >
> > I alose think that only a superuser should list databases and objects.
> >
> > What do you think?
>
> Since security by obscurity is presumed to be ineffective, conversely,
> revealing the location of an object produces no real decrease in security.
>
> Now, it might be nice from the user's perspective if they could filter out
> the stuff they don't have access to, in order to ensure a nice neat little
> view of their own data in a galaxy of information (i.e. 100 other users
> each with their own data set and priveldges.)
>
> Since schemas provide a simple way to limit your own view, they provide
> for that function.
>
> Can phppgadmin be programmed to only use certain search paths in the
> schema?
>
>
Hmm. Surely I did'nt make myself clear, PhpPgAdmin is not a problm here.
The problem is user A is owner of databses X1,Y1 Z1
user B is owner of databases X2,Yé,Z2

both users can see the the others DB. by doing a simple \l
It would be nice that unless a user is superuser he could'nt see databases
that are not his.

BTW how can I change ownership of databases and tables easealy?

--
Olivier PRENANT Tel: +33-5-61-50-97-00 (Work)
Quartier d'Harraud Turrou +33-5-61-50-97-01 (Fax)
31190 AUTERIVE +33-6-07-63-80-64 (GSM)
FRANCE Email: ohp(at)pyrenet(dot)fr
------------------------------------------------------------------------------
Make your life a dream, make your dream a reality. (St Exupery)

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message ohp 2003-06-13 14:18:56 Mirro updates
Previous Message Jeroen T. Vermeulen 2003-06-13 13:36:00 Re: Pre-allocation of shared memory ...