Skip site navigation (1) Skip section navigation (2)

Re: Superuser without pg_hba could drop database

From: Guillaume Lelarge <guillaume(at)lelarge(dot)info>
To: Mudy Situmorang <mudy(at)astasolusi(dot)com>
Cc: pgadmin-support(at)postgresql(dot)org
Subject: Re: Superuser without pg_hba could drop database
Date: 2010-07-29 06:31:44
Message-ID: 4C512050.7050708@lelarge.info (view raw or flat)
Thread:
Lists: pgadmin-support
Le 29/07/2010 07:34, Mudy Situmorang a écrit :
> Superuser without pg_hba could drop database from client at pgAdminIII
> Object browser by left click & Delete/Drop.
> 
> User has superuser rights, but no pg_hba connection entry for the host.
> 
> There are warnings on left click, twice:
> An error has occured:
> FATAL: no pg_hba.conf entry for host "172.17.0.8", user "tempuser", database
> "testdatabase", SSL on
> FATAL: no pg_hba.conf entry for host "172.17.0.8", user "tempuser", database
> "testdatabase", SSL off
> 
> Then context menu appear, click Delete/Drop, Yes on confirmation.
> 
> The database is gone.
> 
> 
> pgAdminIII at client:
> Windows XP
> pgAdminIII 1.10.3 (from PostgreSQL 8.4 windows package)
> 
> 
> PostgreSQL 8.4 server:
> Ubuntu 10.04
> 
> 
> 
> I think it is very dangerous.
> 

This is not an issue with pgAdmin. You can do the same with psql.

BTW, pg_hba.conf file controls who has the right to connect to one
database or another, not the rights users have on objects. To drop a
database, you need to be its owner or a superuser, and you need that
noone is connected to this database. It has nothing to do with the fact
that you are allowed to connect to it.


-- 
Guillaume
 http://www.postgresql.fr
 http://dalibo.com

In response to

Responses

pgadmin-support by date

Next:From: Mudy SitumorangDate: 2010-07-29 07:15:20
Subject: Re: Superuser without pg_hba could drop database
Previous:From: Samokhin ViktorDate: 2010-07-29 06:06:29
Subject: pgAdmin 1.10.2 issue

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group