From: | "Jacopo Silva" <jacopo(at)silva(dot)net> |
---|---|
To: | <pgsql-admin(at)postgresql(dot)org> |
Subject: | R: users and passwords problem |
Date: | 2000-07-13 19:32:42 |
Message-ID: | 006101bfed02$8c07c460$5d22d8d4@giovanna |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-admin |
----- Original Message -----
From: Anthony E. Greene <agreene(at)pobox(dot)com>
To: <pgsql-admin(at)postgresql(dot)org>
Sent: Thursday, July 13, 2000 4:06 PM
Subject: Re: [ADMIN] users and passwords problem
> Denis Pugnere wrote:
> >
> > PG 7.0.2, RH Linux 6.2
> >
> > I'm trying to secure access to pgsql databases.
> > the politic I use is to only allow access databases with passwords.
> > (...)
> > Why this access is allowed ?
> > How to secure accesses to databases ?
>
> Have that "unauthorized" user try a SELECT and see what happens. They
> are allowed to connect, but not to retrieve any records.
Yes but they still can create new objects, e.g. "CREATE TABLE foo (id
serial, desc varchar(10));"
even if they aren't database owners. I think this is a known problem and
I've heard it will be
soon fixed.
Bye,
Jacopo
From | Date | Subject | |
---|---|---|---|
Next Message | Peter Eisentraut | 2000-07-13 22:35:49 | Re: Perl Procedural Language Install |
Previous Message | John Burski | 2000-07-13 17:05:09 | Perl Procedural Language Install |