From: | Martín Marqués <martin(at)bugs(dot)unl(dot)edu(dot)ar> |
---|---|
To: | Jeff Waugh <jdub(at)perkypants(dot)org> |
Cc: | pgsql-general(at)postgresql(dot)org |
Subject: | Re: Permissions & Ownership (BUG?) |
Date: | 2001-06-12 15:28:39 |
Message-ID: | 01061218283905.05332@bugs |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
On Sáb 09 Jun 2001 09:50, you wrote:
> Hi all,
>
> Having had a play with GRANT, REVOKE and database ownership, a couple of
> things have come to my attention. I'm pretty sure I've covered everywhere
> these may be explained in the documentation, but please send me off in the
> right direction if I've missed something:
>
> 1) There doesn't seem to be a way to limit connections to a particular
> database. This is okay, because you can remove PUBLIC rights from
> everything, but even the connection and visible tables are security
> concerns already.
Check out pg_hba.conf file. You can limit connections on database and locaion
of the connection.
> 2) Given this connection, it seems that any user can also CREATE a table in
> any database, regardless of owner. They couldn't modify or delete objects,
> but they can create them.
Yes, I have pointed out this in the past. I hope it's in the tod list at
least.
Saludos... :-)
--
Cualquiera administra un NT.
Ese es el problema, que cualquiera administre.
-----------------------------------------------------------------
Martin Marques | mmarques(at)unl(dot)edu(dot)ar
Programador, Administrador | Centro de Telematica
Universidad Nacional
del Litoral
-----------------------------------------------------------------
From | Date | Subject | |
---|---|---|---|
Next Message | armelle clech | 2001-06-12 15:42:14 | PQFInish doesn't work |
Previous Message | Christopher Zach | 2001-06-12 15:17:20 | rtree index very large |