| From: | "Jacopo Silva" <jacopo(at)silva(dot)net> |
|---|---|
| To: | <pgsql-admin(at)postgresql(dot)org> |
| Subject: | R: users and passwords problem |
| Date: | 2000-07-13 19:32:42 |
| Message-ID: | 006101bfed02$8c07c460$5d22d8d4@giovanna |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
----- Original Message -----
From: Anthony E. Greene <agreene(at)pobox(dot)com>
To: <pgsql-admin(at)postgresql(dot)org>
Sent: Thursday, July 13, 2000 4:06 PM
Subject: Re: [ADMIN] users and passwords problem
> Denis Pugnere wrote:
> >
> > PG 7.0.2, RH Linux 6.2
> >
> > I'm trying to secure access to pgsql databases.
> > the politic I use is to only allow access databases with passwords.
> > (...)
> > Why this access is allowed ?
> > How to secure accesses to databases ?
>
> Have that "unauthorized" user try a SELECT and see what happens. They
> are allowed to connect, but not to retrieve any records.
Yes but they still can create new objects, e.g. "CREATE TABLE foo (id
serial, desc varchar(10));"
even if they aren't database owners. I think this is a known problem and
I've heard it will be
soon fixed.
Bye,
Jacopo
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2000-07-13 22:35:49 | Re: Perl Procedural Language Install |
| Previous Message | John Burski | 2000-07-13 17:05:09 | Perl Procedural Language Install |