Re: [HACKERS] QGIS Seem To Bypass PostgreSQL/PostGIS User Privileges/Permissions
| От | Giuseppe Broccolo |
|---|---|
| Тема | Re: [HACKERS] QGIS Seem To Bypass PostgreSQL/PostGIS User Privileges/Permissions |
| Дата | |
| Msg-id | CAFzmHiVfn4NJ1rw8Tmn1UzX=JRNAnfE=V_1Ot4JCzN0W2+8VbQ@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: [HACKERS] QGIS Seem To Bypass PostgreSQL/PostGIS User Privileges/Permissions (John Scalia <jayknowsunix@gmail.com>) |
| Список | pgsql-hackers |
Hi all,
--
2017-03-17 17:09 GMT+01:00 John Scalia <jayknowsunix@gmail.com>:
While I do not know QGIS, I'm wondering if it's similar to some of our applications where they always use the same system login for the database while each user provides a unique login to the application. Have you ever set log_connections in your postgresql.conf file? That would show you which user is connecting during your attempts, and they might very well be something you're not expecting. As far as I know, there is no way for any application to bypass PostgreSQL's internal security model.
Exactly, so I repost here my initial question:
On Fri, Mar 17, 2017 at 4:16 PM, Giuseppe Broccolo <giuseppe.broccolo@2ndquadrant.it> wrote: Check which user is used the first time you connect to the database through QGIS, and if you switch the user to [user_name] in a second moment. I'm wondering if you are keeping some privileges from a previous session.
Regards,
Giuseppe.
--
Giuseppe Broccolo - 2ndQuadrant Italy
PostgreSQL & PostGIS Training, Services and Support
giuseppe.broccolo@2ndQuadrant.it | www.2ndQuadrant.it
PostgreSQL & PostGIS Training, Services and Support
giuseppe.broccolo@2ndQuadrant.it | www.2ndQuadrant.it
В списке pgsql-hackers по дате отправления: