Re: What happened to the tip "It is good practice to create a role that has the CREATEDB and CREATEROLE privileges..."

From: Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at>
To: Bryn Llewellyn <bryn(at)yugabyte(dot)com>, Jeremy Smith <jeremy(at)musicsmith(dot)net>
Cc: pgsql-general list <pgsql-general(at)lists(dot)postgresql(dot)org>
Subject: Re: What happened to the tip "It is good practice to create a role that has the CREATEDB and CREATEROLE privileges..."
Date: 2023-04-20 07:11:31
Message-ID: db2c7c3e0c065ca89bb9664b3f6e01cef4f6de8a.camel@cybertec.at
Lists: pgsql-general

On Wed, 2023-04-19 at 16:53 -0700, Bryn Llewellyn wrote:
>
> I do see that a role that has "createdb" and "createrole" is pretty powerful because,
> for example, a role with these attributes can use "set role" to become any other non-superuser
> (see the example below).

A user with CREATEROLE can make herself a member of "pg_execute_server_program", which
in turn allows a clever attacker on a normal installation to make herself superuser.

Yours,
Laurenz Albe
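The escalation path described in the reply (a CREATEROLE holder granting itself membership in pg_execute_server_program) leaves traces in the catalog. The SQL below is an added audit example, not code from the thread or from the PostgreSQL project: it lists the non-superuser roles that hold CREATEROLE or CREATEDB, shows whether any of them already reach the server's shell or filesystem through the predefined roles, and shows who granted those memberships. The catalog views, functions and predefined role names are real PostgreSQL objects; the role name app_admin in the remediation step is a constructed placeholder.

```sql
-- Added audit example (not from the thread). Catalog objects used here
-- (pg_roles, pg_auth_members, pg_has_role) and the predefined roles are
-- real PostgreSQL names; app_admin below is a constructed placeholder.

-- 1. Which non-superusers hold CREATEROLE or CREATEDB, and do any of them
--    already have membership in the predefined roles that execute programs
--    or touch files on the database server?
SELECT r.rolname,
       r.rolcreaterole,
       r.rolcreatedb,
       pg_has_role(r.oid, 'pg_execute_server_program', 'MEMBER') AS can_run_programs,
       pg_has_role(r.oid, 'pg_read_server_files',      'MEMBER') AS can_read_files,
       pg_has_role(r.oid, 'pg_write_server_files',     'MEMBER') AS can_write_files
FROM   pg_roles AS r
WHERE  NOT r.rolsuper
  AND  (r.rolcreaterole OR r.rolcreatedb)
  AND  r.rolname NOT LIKE 'pg\_%'        -- skip the built-in pg_* roles
ORDER  BY r.rolname;

-- 2. Every membership in the three high-risk predefined roles, with the
--    grantor recorded for it. A row where member = grantor is a self-grant,
--    which is exactly the pattern the reply warns about and is worth an
--    alert in any catalog-monitoring job.
SELECT m.rolname AS member,
       t.rolname AS target_role,
       g.rolname AS grantor,
       am.admin_option
FROM   pg_auth_members AS am
JOIN   pg_roles AS m ON m.oid = am.member
JOIN   pg_roles AS t ON t.oid = am.roleid
JOIN   pg_roles AS g ON g.oid = am.grantor
WHERE  t.rolname IN ('pg_execute_server_program',
                     'pg_read_server_files',
                     'pg_write_server_files')
ORDER  BY t.rolname, m.rolname;

-- 3. Remediation for a role that should not have these rights
--    (run as a superuser; app_admin is a placeholder role name).
REVOKE pg_execute_server_program FROM app_admin;
REVOKE pg_read_server_files      FROM app_admin;
REVOKE pg_write_server_files     FROM app_admin;
ALTER ROLE app_admin NOCREATEROLE;
```

Run the two SELECTs from a superuser session so that nothing is hidden by row visibility, and keep the output of query 2 as a baseline; a new row appearing with a non-superuser grantor is the thing to investigate. Later major versions have changed what CREATEROLE permits, so check the release notes for the version you actually run before relying on the attribute alone as a control.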
