Re: Superuser without pg_hba could drop database

Le 29/07/2010 07:34, Mudy Situmorang a écrit :
> Superuser without pg_hba could drop database from client at pgAdminIII
> Object browser by left click & Delete/Drop.
> 
> User has superuser rights, but no pg_hba connection entry for the host.
> 
> There are warnings on left click, twice:
> An error has occured:
> FATAL: no pg_hba.conf entry for host "172.17.0.8", user "tempuser", database
> "testdatabase", SSL on
> FATAL: no pg_hba.conf entry for host "172.17.0.8", user "tempuser", database
> "testdatabase", SSL off
> 
> Then context menu appear, click Delete/Drop, Yes on confirmation.
> 
> The database is gone.
> 
> 
> pgAdminIII at client:
> Windows XP
> pgAdminIII 1.10.3 (from PostgreSQL 8.4 windows package)
> 
> 
> PostgreSQL 8.4 server:
> Ubuntu 10.04
> 
> 
> 
> I think it is very dangerous.
> 

This is not an issue with pgAdmin. You can do the same with psql.

BTW, pg_hba.conf file controls who has the right to connect to one
database or another, not the rights users have on objects. To drop a
database, you need to be its owner or a superuser, and you need that
noone is connected to this database. It has nothing to do with the fact
that you are allowed to connect to it.


-- 
Guillaumehttp://www.postgresql.frhttp://dalibo.com