Permissions & Ownership (BUG?) - Mailing list pgsql-general

From Jeff Waugh
Subject Permissions & Ownership (BUG?)
Date
Msg-id 20010609165033.Y16892@aphid.net
Responses Re: Permissions & Ownership (BUG?)  (Martín Marqués <martin@bugs.unl.edu.ar>)
List pgsql-general

Hi all,

Having had a play with GRANT, REVOKE and database ownership, a couple of
things have come to my attention. I'm pretty sure I've covered everywhere
these may be explained in the documentation, but please send me off in the
right direction if I've missed something:

1) There doesn't seem to be a way to limit connections to a particular
database. This is okay, because you can remove PUBLIC rights from
everything, but even the connection and visible tables are security concerns
already.

2) Given this connection, it seems that any user can also CREATE a table in
any database, regardless of owner. They couldn't modify or delete objects,
but they can create them.

Have I merely missed an important feature, or are these real concerns? [ I'm
coming from the perspective of a web/database hosting provider, so anything
that opens up my customers to attack is Not Good. :) ]

- Jeff

--
    "Stay away from my house, you freak! Can't you see that everyone is
             buying station wagons?" - Neal Stephenson, ITBWTCL
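
The two concerns raised in the message above (any role can connect to any database, and any role can create tables there) can be audited and closed with SQL like the following. This is an added example, not part of the original post or of the PostgreSQL project's own material; it assumes a PostgreSQL release that has the CONNECT database privilege and schemas, neither of which the post mentions, and the names customer_a_db, customer_a and customer_b are hypothetical.

```sql
-- Added example. customer_a_db, customer_a and customer_b are hypothetical
-- names for one hosted customer's database, its owner role, and another tenant.

-- 1. Audit: what does PUBLIC (i.e. every role) get on each database?
--    Passing 'public' as the role name checks the PUBLIC pseudo-role.
SELECT datname,
       has_database_privilege('public', datname, 'CONNECT')   AS public_connect,
       has_database_privilege('public', datname, 'TEMPORARY') AS public_temp
FROM pg_database
WHERE NOT datistemplate
ORDER BY datname;

-- 2. Audit (run while connected to each customer database):
--    can PUBLIC create objects in, or look inside, the non-system schemas?
SELECT nspname,
       has_schema_privilege('public', nspname, 'CREATE') AS public_create,
       has_schema_privilege('public', nspname, 'USAGE')  AS public_usage
FROM pg_namespace
WHERE nspname !~ '^pg_'
  AND nspname <> 'information_schema'
ORDER BY nspname;

-- 3. Concern 1: limit connections to the database's own role.
REVOKE ALL ON DATABASE customer_a_db FROM PUBLIC;
GRANT CONNECT ON DATABASE customer_a_db TO customer_a;

-- 4. Concern 2 (run while connected to customer_a_db):
--    stop arbitrary roles from creating tables in the default schema.
REVOKE ALL ON SCHEMA public FROM PUBLIC;
GRANT USAGE, CREATE ON SCHEMA public TO customer_a;

-- 5. Verify from the other tenant's point of view.
--    Superusers bypass these checks, so test with an ordinary role.
SELECT has_database_privilege('customer_b', 'customer_a_db', 'CONNECT')
           AS other_tenant_can_connect,
       has_schema_privilege('customer_b', 'public', 'CREATE')
           AS other_tenant_can_create;
```

Databases created later inherit the privileges of their template, so applying step 4 to the template database keeps new customer databases from reopening the second concern.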
