Home > mailing lists

Re: PostgresQL setup in hosted environment - Mailing list pgsql-general

From	Tom Lane
Subject	Re: PostgresQL setup in hosted environment
Date	August 12, 2001 15:31:22
Msg-id	21072.997633781@sss.pgh.pa.us Whole thread Raw
In response to	PostgresQL setup in hosted environment (Jochem van Dieten <jochemd@oli.tudelft.nl>)
List	pgsql-general

Tree view

Jochem van Dieten <jochemd@oli.tudelft.nl> writes:
> - can users break out of PostgresQL to execute shell commands?

Not if you don't make them superusers, which your script doesn't.
(If they are superusers, they can install C functions that do anything
the Postgres userid can do.)

> - is it a security risk to give users RULE permission?

No.

> - is it a security risk to make sql a trusted language?

It's irrelevant; the TRUST flag is only used for procedural languages.

> - how would I grant select permissions to a user on tables in a specific
> database, while connected (as superuser) to a different database in the
> same cluster?

You wouldn't.

            regards, tom lane

pgsql-general by date:

From: "omid omoomi"
Date: 12 August 2001, 14:45:07
Subject: Re: Problem with foreign keys

From: Jochem van Dieten
Date: 12 August 2001, 20:07:46
Subject: Re: PostgresQL setup in hosted environment

Re: PostgresQL setup in hosted environment - Mailing list pgsql-general

Previous

Next