Re: Revoke Public Database Connect
From | Steve Crawford |
---|---|
Subject | Re: Revoke Public Database Connect |
Date | |
Msg-id | 4DE03734.80608@pinpointresearch.com |
In response to | Revoke Public Database Connect (Alan Gutierrez <alan@prettyrobots.com>) |
List | pgsql-novice |
On 05/27/2011 10:55 AM, Alan Gutierrez wrote:
> I'm configuring a multi-tenant PostgreSQL server. When I create a new
> database, anyone can connect to it. For me, that is bad.
>
> I run:
>
> REVOKE CONNECT ON DATABASE d FROM public;
>
> Now I'm only able to connect to the database as postgres.
>
> I tried putting the create and revoke in a transaction, but create
> database cannot be put in a transaction. How do I create a database so
> there is not that nanosecond window where someone could connect to the
> database publicly?
>
> --
> Alan Gutierrez - http://twitter.com/bigeasy - http://github.com/bigeasy
>

Um, really? Did you set pg_hba.conf to allow such a thing? That would be bad.

If you, the superuser, create a database a normal user shouldn't be able to connect to it until you grant them privilege to do so. (Note that technically speaking anyone can connect to the database - a TCP or socket connection must be established to even pass the initial credentials - but PostgreSQL won't let them do anything till they pass muster.)

It sounds to me like you have bad pg_hba.conf settings, have regular users who are granted excessive rights, or, perhaps, are creating databases from a template that has been altered to have loose permissions.

IBM Developer Works has a good article on the subject:
http://www.ibm.com/developerworks/opensource/library/os-postgresecurity/index.html

Cheers,
Steve
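
The following is an added example, not part of the original message or of the PostgreSQL project's own material: a catalog query that shows which databases currently allow CONNECT for PUBLIC, followed by one way to create a database with no open window before the REVOKE. It assumes PostgreSQL 9.5 or later (for `ALLOW_CONNECTIONS`), reuses the database name `d` from the question, and uses a hypothetical tenant role `tenant_d`.

```sql
-- 1. Audit: which databases can PUBLIC (grantee OID 0) connect to?
--    A NULL datacl means the built-in default ACL is in effect, and that
--    default includes CONNECT for PUBLIC.
SELECT d.datname,
       d.datistemplate,
       d.datallowconn,
       CASE
         WHEN d.datacl IS NULL THEN true
         ELSE EXISTS (
           SELECT 1
           FROM aclexplode(d.datacl) AS a
           WHERE a.grantee = 0
             AND a.privilege_type = 'CONNECT')
       END AS public_can_connect
FROM pg_database AS d
ORDER BY d.datname;

-- 2. Create the database closed, fix its ACL, then open it.
--    Run as a superuser while connected to another database (e.g. postgres);
--    pg_database is a shared catalog, so REVOKE/GRANT ON DATABASE work from there.
--    While datallowconn is false, nobody (superusers included) can connect to d.
CREATE DATABASE d ALLOW_CONNECTIONS false;
REVOKE CONNECT ON DATABASE d FROM PUBLIC;
GRANT CONNECT ON DATABASE d TO tenant_d;   -- tenant_d: hypothetical, must already exist
ALTER DATABASE d ALLOW_CONNECTIONS true;
```

Database privileges are checked only after pg_hba.conf has admitted the connection, so the audit query complements a review of pg_hba.conf rather than replacing it.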