public inbox for [email protected]
help / color / mirror / Atom feedFrom: Laurenz Albe <[email protected]>
To: Dominique Devienne <[email protected]>
To: Tom Lane <[email protected]>
Cc: Adrian Klaver <[email protected]>
Cc: David G. Johnston <[email protected]>
Cc: Igor Korot <[email protected]>
Cc: pgsql-generallists.postgresql.org <[email protected]>
Subject: Re: Fwd: Identify system databases
Date: Wed, 16 Apr 2025 22:04:10 +0200
Message-ID: <[email protected]> (raw)
In-Reply-To: <CAFCRh--z-BzUJ3C9qj=YPHQYA-zwNdTm2wGC7D74-j2vdK1mOA@mail.gmail.com>
References: <CA+FnnTxab=JyE0DZkfL4Z2MK8RvvTud9MZiNenD45AoV_t2Mxg@mail.gmail.com>
<CAKFQuwYaDXuuDoEaad5sYW97pRS_FJnmfZCwY3FojnDOdfXc9Q@mail.gmail.com>
<CA+FnnTzwmMTNymgPuiF4CLfa6YO+HBRx4Qy5_B_KDw1oNpiukw@mail.gmail.com>
<CA+FnnTyWMXPEVAwNNDnCVDfmTFNHdDfffiF5vLioxyTv8Jmq0A@mail.gmail.com>
<[email protected]>
<CAKFQuwbkQTbUwA4c6LFOMUWX5ojQY8DpKPQRh+xoe4VZABPWfw@mail.gmail.com>
<[email protected]>
<CAKFQuwYpY7urAHuns26cw=9TKTZJU4JdVBrXWoSH_nHfZ_s3Ww@mail.gmail.com>
<[email protected]>
<[email protected]>
<CAFCRh-_uEazAHjSz1WvL2STbR857V7E9YtkdwRO5xNNHLy2Ykw@mail.gmail.com>
<[email protected]>
<[email protected]>
<CAFCRh--z-BzUJ3C9qj=YPHQYA-zwNdTm2wGC7D74-j2vdK1mOA@mail.gmail.com>
On Wed, 2025-04-16 at 17:06 +0200, Dominique Devienne wrote:
> So in a way, you guys are saying one should never REVOKE CONNECT ON
> DATABASE FROM PUBLIC?
No, not at all.
> All my DBs are not PUBLIC-accessible.
> And inside my DBs, I try to revoke everything from PUBLIC
> (USAGE ON TYPES, EXECUTE ON ROUTINES).
> Nor do I use the public schema.
> And I never use the "built-in" postgres database.
> Basically I want all GRANTs to be explicit.
>
> Given the above, I'd want to not provide access to the postgres DB too.
> Yet have a way to discover which DBs I can connect to, from the "cluster only".
> Naively.
>
> Sounds like you are saying use the "postgres" DB for that, and move on.
It is just fine to restrict access to databases as much as you want.
You just need access to a database if you want to run SQL statements,
be that SELECT or CREATE DATABASE. It's as simple as that.
Restricting access is not wrong per se, but if you randomly restrict
access to everything, that's not so much a security measure as a way
to make the database unusable.
I see no value in restricting USAGE on the data type "text" or EXECUTE
on the function "upper()". Modifying system objects is not recommended
and can lead to trouble.
Yours,
Laurenz Albe
view thread (6+ messages)
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected]
Subject: Re: Fwd: Identify system databases
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox