From: | Cheetah <fastcat(at)gmail(dot)com> |
---|---|
To: | pgadmin-support(at)postgresql(dot)org |
Subject: | Users can see each others' databases? |
Date: | 2004-09-21 23:32:02 |
Message-ID: | a9d6776b04092116326bbf905d@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgadmin-support |
On Tue, 21 Sep 2004 17:47:32 -0500, Terry Letsche <terry(at)letsche(dot)net> wrote:
> Hi. I'm using PostgreSQL for a database course. Each user has their own
> database on the system. Each database is named the same as the user's
> user name, and pg_hba.conf is set to require sameuser and a password.
First off, go (re)read the docs for pg_hba.conf carefully! Things
like sameuser and password are not anded, they are
first-match-succeeds! So, if you have "... ident sameuser" in your
pg_hba.conf before the password entry, passwords will not be required.
> I'm guessing that I'm overlooking something obvious here. What do I need
> to do so that users can't see anything from the other users in pgadmin3?
> Or, if that's not possible, what can be done to minimize this problem?
I suspect that in order to not be able to see other users' tables, you
must revoke permissions on the pg_catalog schema (and for the
enterprising users the information_schema schema too I suspect), which
is where all the views and whatnot that pgadmin queries to list tables
live. If this is for a course, I'd bet on students being enterprising
when trying to circumvent access restrictions :)
--
-- Cheetah
From | Date | Subject | |
---|---|---|---|
Next Message | Jed Nicolau Filho | 2004-09-22 00:53:47 | Hello |
Previous Message | Terry Letsche | 2004-09-21 22:47:32 | Users can see each others' databases? |