| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | randygrolemund(at)gmail(dot)com |
| Cc: | pgsql-bugs(at)postgresql(dot)org |
| Subject: | Re: BUG #14828: Security isn't working |
| Date: | 2017-09-25 17:36:06 |
| Message-ID: | 19762.1506360966@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
randygrolemund(at)gmail(dot)com writes:
> Another team member created a new db, and did not assign any users
> permission to that db. It appears at least one of the users (no super user
> permissions) can read and write to that db. It doesn't make any sense how
> this is working.
Well, as noted in the GRANT reference page, the default for a new database
is to grant CONNECT privilege to PUBLIC; if you don't like that you need
to revoke it, or (usually less desirable) use pg_hba.conf rules to
restrict access. Depending on how much you want to lock down access,
you might also want to revoke TEMP privilege and/or remove or restrict
the "public" schema within that database.
If none of those are the problem then you need to provide considerably
more detail. But so far I see nothing here that sounds like it's not
operating as designed.
https://www.postgresql.org/docs/current/static/bug-reporting.html
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Дилян Палаузов | 2017-09-25 18:10:57 | Re: Query planner skipping index depending on DISTINCT parameter order (2) |
| Previous Message | David E. Wheeler | 2017-09-25 17:34:23 | Re: BUG #14825: enum type: unsafe use? |