Thread: Securing table creation

Securing table creation

From
GH
Date:
How are Postgres administrators (e.g. ISPs) securing table creation?

As I see it, any user may create tables under any database (except
Postgres system catalogs) whether they are meant to be allowed to or
are not. Is this  accurate? I do not see any way to define permissions
for a database regarding creating tables under that database.

This seems like a security flaw. Is that the case?
Suppose there exists a multi-user webserver. There are many
users who have access to Postgres, but not to everything within
Postgres. If there is among the users one that is hostile
(or uncareful) it seems to be possible for this user to create tables
under any database...and insert data into that table. Of course, reads
and writes to existing tables is managed by grants, but not table
creation.

Is there a way around this?
I hope to (almost have to) use strictly database-based authentication
(i.e. without using external password files).
It seems that tables can be created under any database regardless of the
authentication setup in pg_hba.conf (e.g. using a seperate password file
for each database, database-based passwords, etc.).

I thank you.

gh



Re: Securing table creation

From
GH
Date:
On Thu, Nov 16, 2000 at 10:02:23AM +1100, some SMTP stream spewed forth:
> In Postgres 7.0.2 (not sure about previous versions, I'm sure someone else
> knows), you can have multiple users (obviously with different username and
> passwords), and you have to "grant access" to a user for anything (reading,
> writing, creation etc), and it *is* database specific (AFAIK).
>
> http://www.postgresql.org/docs/aw_pgsql_book/node214.html
> This page might give you a better idea of how it works :)
>

Thank you for your speedy (and helpful) reply.

I think I missed something somewhere.
Here is how things are set up now (on our system):
pg_hba.conf:
host  all   0.0.0.0   0.0.0.0     password
local all password

psql -U superuser template1
->create user someuser with password 'userpass';
->create database somedb;
->\q

psql -U someuser somedb;
->create table sometable (blah char(15));
->insert into sometable values ('blahtest');
->drop table sometable;

All other table access not explicitly grant-ed is denied.
(Note the lack of any grant-ing any rights to 'someuser'.)

The user 'someuser' is able to create tables under any database and is
able to connect to any database (connecting is not so bad, as that does
not allow reads or writes to existing tables).

I saw nothing in any of the online manuals regarding 'GRANT ALL'
supplying table creation rights..

Is table creation limited only if the user is in a group? (That seems
rather odd.)


Thank you for the link. (I have d/l-ed the book prior to this issue
though. ;-))

Keep in mind, all privileges other than table creation are working as
expected.

I thank you again.
gh

> Regards,
>
>
> >How are Postgres administrators (e.g. ISPs) securing table creation?
> >
> >As I see it, any user may create tables under any database (except
> >Postgres system catalogs) whether they are meant to be allowed to or
> >are not. Is this  accurate? I do not see any way to define permissions
> >for a database regarding creating tables under that database.
> >