Re: Restricting user to see schema structure - Mailing list pgsql-general
| From | Adrian Klaver |
|---|---|
| Subject | Re: Restricting user to see schema structure |
| Date | |
| Msg-id | f43213da-19e2-17a1-98f0-d3ccc7699b7a@aklaver.com Whole thread Raw |
| In response to | Re: Restricting user to see schema structure (Bryn Llewellyn <bryn@yugabyte.com>) |
| List | pgsql-general |
On 5/16/22 22:21, Bryn Llewellyn wrote:
>> Because as mentioned previously you did not "revoke connect on
>> database postgres from public".
>
> Right, I see the importance of this now. I now realize that when a
> database is created, CONNECT on it is automatically granted to PUBLIC.
> But there's no mention of this (or what to read to learn that this is
> the case) in the "pg_hba.conf" chapter. Nor does the section on the
> CREATE DATABASE statement mention this. How is the neophyte supposed to
> know about this behavior?
CREATE DATABASE is an object creation command and what you are concerned
with is not that but the privileges associated with the object. As David
pointed out that is spelled out in the section on privileges. To me it
makes sense to aggregate privilege information rather then have to walk
through all the object creation sections.
>
> Another thing that confused me was the significance of the lines for the
> database "replication" in the "pg_hba.conf" that came with my
> installation. Add to this the mutually exclusive keywords "REPLICATION"
> and "NO REPLICATION" in the CREATE ROLE statement. ("These clauses
> determine whether a role is a replication role.") So this seems to be a
> distinct use of the word from how it's used in "pg_hba.conf" as the name
> of a database (that might well not exist). Strangely, the CREATE ROLE
> doc says that you don't need either of "REPLICATION" or "NO REPLICATION"
> but it doesn't say what the default is.
From here:
https://www.postgresql.org/docs/current/auth-pg-hba-conf.html
"The value replication specifies that the record matches if a physical
replication connection is requested, however, it doesn't match with
logical replication connections. Note that physical replication
connections do not specify any particular database whereas logical
replication connections do specify it."
Makes sense to me, it is a 'dummy' value for binary replication
connections as they do not actually connect to a database but to a cluster.
As to CREATE ROLE:
https://www.postgresql.org/docs/current/sql-createrole.html
REPLICATION
NOREPLICATION
" These clauses determine whether a role is a replication role. A
role must have this attribute (or be a superuser) in order to be able to
connect to the server in replication mode (physical or logical
replication) and in order to be able to create or drop replication
slots. A role having the REPLICATION attribute is a very highly
privileged role, and should only be used on roles actually used for
replication. If not specified, NOREPLICATION is the default. You must be
a superuser to create a new role having the REPLICATION attribute.
"
So the default of NOREPLICATION is mentioned.
replication(pg_hba.conf 'dummy' value) and REPLICATION/NOREPLICATION
roles are referring to different aspects of the same process. Honestly
I'm not seeing how this is any different from database postgres and role
postgres.
--
Adrian Klaver
adrian.klaver@aklaver.com
pgsql-general by date: