Postgres Pro
Downloads
Home   >   mailing lists

Thread: [admin]@postgresql.org pg_database contents ... what happens

[admin]@postgresql.org pg_database contents ... what happens

From
"Paul Gimpelj"
Date:
If I connect to any database with psql I can see all the other databases in table pg_database
under postgresql 7.2
 
What happens if I delete all the rows from this table.
 
 

Re: [admin]@postgresql.org pg_database contents ... what happens

From
"Uwe C. Schroeder"
Date:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sunday 30 May 2004 09:44 pm, Paul Gimpelj wrote:
> If I connect to any database with psql I can see all the other databases in
> table pg_database under postgresql 7.2
>
> What happens if I delete all the rows from this table.


Well, similar question would be "what happens if I format the harddrive and
throw the box into the bathtub" :-)

    UC

- --
Open Source Solutions 4U, LLC    2570 Fleetwood Drive
Phone:  +1 650 872 2425        San Bruno, CA 94066
Cell:   +1 650 302 2405        United States
Fax:    +1 650 872 2417
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFAusZejqGXBvRToM4RAurNAKCmN8Zl0q45v4c8d3ueCtBI3RkG5QCdGMfz
N2h04lJOnXNAM1Ywml9vh0Y=
=WgMl
-----END PGP SIGNATURE-----

Re: [admin]@postgresql.org pg_database contents ... what happens

From
Artur P
Date:
On Sun, May 30, 2004 at 10:45:02PM -0700, Uwe C. Schroeder wrote:
> On Sunday 30 May 2004 09:44 pm, Paul Gimpelj wrote:
> > If I connect to any database with psql I can see all the other databases in
> > table pg_database under postgresql 7.2
> >
> > What happens if I delete all the rows from this table.
>
>
> Well, similar question would be "what happens if I format the harddrive and
> throw the box into the bathtub" :-)

    I wouldn't say so - you can delete from pg_database only if you
are are granted database create/drop (or you are superuser).

    If I understand Paul correctly, his real question was "I can see
pg_database if I connect to any database, as any user - is it
safe/secure?". Then, answer to this question would be: yes, as long as
you are normal user, because it is one of PostgreSQL's system tables. You
can select from that table, but to update/delete from that table, you
need to have rights to create/drop database.

    Do "select * from pg_shadow" as postgresql superuser, to check users
that have permission to create/drop (see
http://www.postgresql.org/docs/7.4/interactive/catalog-pg-shadow.html).

    So, to be safe, do not grant database creation rights to users that
shouldn't have them (see also "Chapter 17. Database Users and Privileges" ->
"17.2. User Attributes"
http://www.postgresql.org/docs/7.4/interactive/user-attributes.html)

    Best regards,
--
--- Artur Pietruk, arturp(-=AT=-)plukwa.net