On Wed, Aug 13, 2008 at 7:44 AM, Thomas Jacob <jacob@internet24.de> wrote:
> Hello List,
>
> I was wondering if there is something like
> a best practice document for running
> PostgreSQL (probably 8.3.3) securely in a shared
> Web+DB hosting environment, where different
> people without any administrative relationship
> between them may run their databases on
> the same server.
Well, databases are designed to be accessed by people you trust to not
do really stupid things that can affect the other users.
I'd set up a db per user with pg_hba.conf set to only allow them to
log into the db of their own name.
> I am particularly interested in the
> role, permission and schema layout.
Each user = a new database. Let them do what they want to in there.
> Also I'm worried about the amount of information
> available to ordinary DB users. For instance,
> without revoking access to pg_catalog from
> PUBLIC all users can see the usernames,
> database names etc. of all other users. But
> revoking the right from pg_catalog doesn't
> seem to be an option, as this breaks
> several features of the psql utility and probably
> other things.
Hiding such things would only be security via obscurity and would
accomplish exactly nothing. Actually keeping people from logging
into another user's database is much more important. That you can do
with pg_hba.conf.
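
An added example, not part of the original message: a small Python check that evaluates pg_hba.conf records first-match-wins on the database and user columns, comparing a constructed `all` record with the `sameuser` keyword that limits each role to the database of its own name. The two sample files, the role names and the helper functions are assumptions made for illustration; client address and connection type are treated as always matching.

```python
# Added example: simplified pg_hba.conf evaluator (database and user columns only).
# Assumptions: every record is treated as matching the client's address and
# connection type; +group, @file and samerole entries are not handled.

WEAK = """\
# constructed sample: any role may reach any database
local   all        postgres                 md5
host    all        all        0.0.0.0/0     md5
"""

HARDENED = """\
# constructed sample: a role may only reach the database of its own name
local   all        postgres                 md5
host    sameuser   all        0.0.0.0/0     md5
"""

def parse(text):
    """Return (type, databases, users, method) tuples in file order."""
    rules = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if not fields:
            continue  # blank line or comment
        if fields[0] == "local":
            method = fields[3]  # local records have no address column
        else:
            # host records: CIDR address (one field) or address + mask (two)
            method = fields[4] if "/" in fields[3] else fields[5]
        rules.append((fields[0], fields[1].split(","), fields[2].split(","), method))
    return rules

def auth_method(text, user, database):
    """Method of the first matching record; None if no record matches."""
    for _type, dbs, users, method in parse(text):
        db_ok = any(d == "all" or d == database or
                    (d == "sameuser" and database == user) for d in dbs)
        user_ok = any(u == "all" or u == user for u in users)
        if db_ok and user_ok:
            return method  # first match wins, later records are not consulted
    return None

def can_connect(text, user, database):
    """True if a record matches and its method is not 'reject'."""
    return auth_method(text, user, database) not in (None, "reject")
```

With the `sameuser` record, a request from role `alice` for database `bob` matches no record at all, so the server refuses it before any password is checked.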