Re: SECURITY

Поиск
Список
Период
Сортировка
От Sean Chittenden
Тема Re: SECURITY
Дата
Msg-id 20030522063931.GF71079@perrin.int.nxad.com
обсуждение исходный текст
Ответ на SECURITY  (ivan <ivan@psycho.pl>)
Список pgsql-admin
> why when i create user and create database for this user, he can
> connect to my others database , (not only his own) and create there
> tables and etc.  He can not select , delete etc but he can create
> something and then drop this , is can be like a bug ?

Nope.  You need to remove access to the public schema if you want to
prevent this.

REVOKE USAGE ON SCHEMA public FROM PUBLIC;

It also might be wise for you to look at the pg_hba.conf and make use
of the samegroup directive.  -sc


PS <feature_request>It'd be really slick if there was a database,
   user, and method type that'd be pgsql or some such and would allow
   the DBA to configure what users get access to what tables _inside_
   of the database via a system catalog, leaving pg_hba.conf as an all
   else fails last resort mechanism used in recovery or
   bootstrapping.</feature_request>

--
Sean Chittenden

В списке pgsql-admin по дате отправления:

Предыдущее
От: "Eugene M. Zheganin"
Дата:
Сообщение: Full vacuuming of BIG tables takes too long
Следующее
От: "Dhananjay Mishra"
Дата:
Сообщение: union of two databases with same schema