postgraas_server icon indicating copy to clipboard operation
postgraas_server copied to clipboard

Published 20 hours ago verified publisher icon blue-yonder

User are not constrained to their own DB

Open StephanErb opened this issue 7 years ago • 4 comments
trafficstars

If I create a DB and an associated user, I also get the permission to view and potentially edit other database instances.

StephanErb avatar Dec 04 '17 16:12 StephanErb

Any ideas what permissions are not sufficiently restricted?

sebastianneubauer avatar Dec 04 '17 20:12 sebastianneubauer

Sorry, looks like I spoke to soon. I can see other databases and their schemas but not their content.

Might be we need something like this https://dba.stackexchange.com/questions/17790/created-user-can-access-all-databases-in-postgresql-without-any-grants

StephanErb avatar Dec 04 '17 21:12 StephanErb

Currently it is the same information every user can access using the collection resource of the API anyhow, so we can close this issue, right?

sebastianneubauer avatar Feb 01 '18 11:02 sebastianneubauer

I would not agree. The database user is completely distinct from the user using the Postgraas service to provision the DB.

StephanErb avatar Feb 01 '18 13:02 StephanErb