Post by Uwe C. SchroederPost by Paul GimpeljIf I connect to any database with psql I can see all the other databases in
table pg_database under postgresql 7.2
What happens if I delete all the rows from this table.
Well, similar question would be "what happens if I format the harddrive and
throw the box into the bathtub" :-)
I wouldn't say so - you can delete from pg_database only if you
are are granted database create/drop (or you are superuser).
If I understand Paul correctly, his real question was "I can see
pg_database if I connect to any database, as any user - is it
safe/secure?". Then, answer to this question would be: yes, as long as
you are normal user, because it is one of PostgreSQL's system tables. You
can select from that table, but to update/delete from that table, you
need to have rights to create/drop database.
Do "select * from pg_shadow" as postgresql superuser, to check users
that have permission to create/drop (see
http://www.postgresql.org/docs/7.4/interactive/catalog-pg-shadow.html).
So, to be safe, do not grant database creation rights to users that
shouldn't have them (see also "Chapter 17. Database Users and Privileges" ->
"17.2. User Attributes"
http://www.postgresql.org/docs/7.4/interactive/user-attributes.html)
Best regards,
--
--- Artur Pietruk, arturp(-=AT=-)plukwa.net
---------------------------(end of broadcast)---------------------------
TIP 3: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to ***@postgresql.org so that your
message can get through to the mailing list cleanly