| From: | "scott(dot)marlowe" <scott(dot)marlowe(at)ihs(dot)com> |
|---|---|
| To: | <ohp(at)pyrenet(dot)fr> |
| Cc: | pgsql-hackers list <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: security flaw |
| Date: | 2003-06-10 14:15:06 |
| Message-ID: | Pine.LNX.4.33.0306100810090.13190-100000@css120.ihs.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Sat, 7 Jun 2003 ohp(at)pyrenet(dot)fr wrote:
> Hi all,
>
> I wonder if it's a security problem: One of my customer noticed that he
> could see all databases on the system with phppgadmin. not only he sees
> databases but tables, views, fonctions... Fortunatly he can't see any row.
>
> This customer has the ability to create databases but not users.
> I wonder if the super_user privilege should be separated from the
> priviledge of creating databases/users.
>
> I alose think that only a superuser should list databases and objects.
>
> What do you think?
Since security by obscurity is presumed to be ineffective, conversely,
revealing the location of an object produces no real decrease in security.
Now, it might be nice from the user's perspective if they could filter out
the stuff they don't have access to, in order to ensure a nice neat little
view of their own data in a galaxy of information (i.e. 100 other users
each with their own data set and priveldges.)
Since schemas provide a simple way to limit your own view, they provide
for that function.
Can phppgadmin be programmed to only use certain search paths in the
schema?
| From | Date | Subject | |
|---|---|---|---|
| Next Message | J.R. Nield | 2003-06-10 14:49:45 | Returning to the List |
| Previous Message | Tom Lane | 2003-06-10 14:11:00 | Re: host and hostssl equivalence in pg_hba.conf |