Skip site navigation (1) Skip section navigation (2)

Re: Why Postgresql Public Schema Is Not Owned By The DB Owner By Default

From: Eus <eus(at)member(dot)fsf(dot)org>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: Postgresql General Mailing List <pgsql-general(at)postgresql(dot)org>
Subject: Re: Why Postgresql Public Schema Is Not Owned By The DB Owner By Default
Date: 2008-10-30 04:43:15
Message-ID: 248241.57163.qm@web37606.mail.mud.yahoo.com (view raw or flat)
Thread:
Lists: pgsql-general
Hi Ho!

--- On Thu, 10/30/08, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:

> Because it'd be extremely difficult to do otherwise
> (given the way that
> CREATE DATABASE works)

Understood.

> and it's not at all clear that
> it'd be a good
> idea anyway.

Can it be cleared up by looking at the kind of security breaches that can be abused by users that are not the owner of the DB when the public schema is owned by the owner of the DB (i.e., not a SUPERUSER) instead of by "postgres"?

I am hoping to get a list of achilles' heels that I need to consider when assigning the ownership of a public schema of a DB to its owner that is not a SUPERUSER from the default "postgres".

> 			regards, tom lane

Best regards,
Eus


      

In response to

pgsql-general by date

Next:From: Grant AllenDate: 2008-10-30 04:50:20
Subject: Re: Are there plans to add data compression feature to postgresql?
Previous:From: Abdul RahmanDate: 2008-10-30 04:42:00
Subject: Re: Replication with slony-I

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group