Re: strange permission error
| От | Mr Dash Four |
|---|---|
| Тема | Re: strange permission error |
| Дата | |
| Msg-id | 506C138A.3080309@googlemail.com обсуждение исходный текст |
| Ответ на | Re: strange permission error (Tom Lane <tgl@sss.pgh.pa.us>) |
| Список | pgsql-general |
> 2. If somebody manages to hijack your connection, you have much worse > problems than whether they can read your system catalogs. They can at > least copy, and probably modify, your user data. If I have restricted those permissions (i.e. access to specific schemas only, allowing specific operations - like INSERT only on just the tables needed for that particular db user) how would a user, who hijacked the connection, be able to "at least copy, and probably modify user data" then? > The catalogs are > unlikely to contain anything that's very interesting to an attacker > who knows enough about your operations to hijack a connection in the > first place. > They give a comprehensive information about the entire structure of the database - that, at least to me, is good-enough reason to restrict such an access.
В списке pgsql-general по дате отправления: