Re: Rationale for PUBLIC having CREATE and USAGE privileges on the schema "public" by default

From Tim Clarke
Subject Re: Rationale for PUBLIC having CREATE and USAGE privileges on the schema "public" by default
Date
Msg-id 5a573987-6285-7ed6-b7a2-b38c306dbf0a@manifest.co.uk
In reply to Re: Rationale for PUBLIC having CREATE and USAGE privileges on the schema "public" by default  (Olegs Jeremejevs <olegs@jeremejevs.com>)
List pgsql-general

On 17/02/18 20:48, Olegs Jeremejevs wrote:
> Okay, in other words, there's no way to completely defend oneself from
> DoS attacks which require having a session? If so, is there a scenario
> where some bad actor can create a new user for themselves (to connect
> to the database with), and not be able to do anything more damaging
> than that? For example, if I can do an SQL injection, then I can do
> something more clever than running a CREATE ROLE. And if not, then
> there's no point in worrying about privileges in a single-tenant
> database? Beyond human error safeguards.
>
> Olegs

How about execution limits, Olegs?

Tim Clarke

