Re: pgadmin security issue

["Dave Page" <dpage(at)pgadmin(dot)org>]

On Wed, Apr 23, 2008 at 8:11 AM, Julius Tuskenis <julius(at)nsoft(dot)lt> wrote:
> Hi, Suren,
> >
> >
> > /Even though we can restrict a user for couple of databases , the user can
> disconnect from the current  session and edit the connection properties/
> >
> > /SO this means he could remove the /DB restriction field/ " datname IN
> ('live_db', 'test_db') "  and reconnect and see all the other databases/
> >
> >
> > /I recommend setting up a admin account at the time of installing pgadmin
> and only by login in to the admin account of pgadmin should be able to
> create, edit and view connection properties/
> >
> >
>  I think its not pgAdmin you should set permitions on. You should not grant
> your user to connect to databases you don't want him to (in postgreSQL).

This is correct - the DB restriction option is not a security feature,
but a convenience feature to allow you to hide databases in which you
have no interest. This is most useful in schools or with hosting
providers where there may be large numbers of databases on the same
server, most of which are of no interest to an individual user.

As Julius correctly states, to *secure* databases, you must revoke
connect privileges on the server.

-- 
Dave Page
EnterpriseDB UK: http://www.enterprisedb.com