Home > mailing lists

Re: Sample pg_hba.conf allows local users to access all databases - Mailing list pgsql-general

From	Christophe Pettus
Subject	Re: Sample pg_hba.conf allows local users to access all databases
Date	August 1, 2023 20:34:54
Msg-id	1B165218-5DEF-45C7-8442-B6DC80EEB10D@thebuild.com Whole thread Raw
In response to	Sample pg_hba.conf allows local users to access all databases (William Edwards <wedwards@cyberfusion.nl>)
List	pgsql-general

Tree view

> On Aug 1, 2023, at 10:13, William Edwards <wedwards@cyberfusion.nl> wrote:
> This allows all local users connecting over TCP to access all databases, not only the databases that the user is a
memberof as one might expect. 

There's really no notion of a user being "a member of" a database in PostgreSQL.  Users are global resources, which are
eithergranted access to a particular database, or aren't. 

In your example, you explicitly grant access to the databases to the users you are creating.

Since a default installation of PostgreSQL contains only one superuser role, and the `postgres` database, any other
accessrequires specific intervention on the part of someone with a superuser account.

pgsql-general by date:

From: "David G. Johnston"
Date: 01 August 2023, 20:14:08
Subject: Re: How to build a new grammer for pg?

From: "David G. Johnston"
Date: 01 August 2023, 20:35:46
Subject: Re: Sample pg_hba.conf allows local users to access all databases

Re: Sample pg_hba.conf allows local users to access all databases - Mailing list pgsql-general

Previous

Next