Home > mailing lists

Re: Heavy security bug in 7.2.2-16? - Mailing list pgsql-novice

From	Tom Lane
Subject	Re: Heavy security bug in 7.2.2-16?
Date	December 27, 2002 03:26:55
Msg-id	22197.1040966809@sss.pgh.pa.us Whole thread Raw
In response to	Heavy security bug in 7.2.2-16? (Heiko Schroeder <heikos@foni.net>)
Responses	sequence generator programmatic invocation (preferably JDBC)
List	pgsql-novice

Tree view

Heiko Schroeder <heikos@foni.net> writes:
> Especially when the superuser postmaster creates a database, e.g. test, a
> normal user although he is *not* the owner, if it is not denied that he can
> create new databases AND that he can create new users,

A user that can create new users is a superuser; there is no distinction
in Postgres.  As a superuser, there are no protection restrictions on
him.

            regards, tom lane

pgsql-novice by date:

From: Heiko Schroeder
Date: 26 December 2002, 23:27:36
Subject: Heavy security bug in 7.2.2-16?

From: "Reshat Sabiq"
Date: 29 December 2002, 10:11:31
Subject: sequence generator programmatic invocation (preferably JDBC)

Re: Heavy security bug in 7.2.2-16? - Mailing list pgsql-novice

Previous

Next