agora inbox for postgres@postgres.berkeley.edu
help / color / mirror / Atom feedFrom: Tom Vijlbrief <tom@izf.tno.nl>
To: postgres@postgres.berkeley.edu
Subject: Re: Postgres security
Date: Fri, 8 Nov 91 03:51:53 -0800
Message-ID: <9111081151.AA00929@postgres.Berkeley.EDU> (raw)
Hi,
I've just installed postgres on a Sun and I'm looking at the possibility of
using postgres as a database server for an user accounting system I'm
writing. I built libpq on a Convex 3220 and I wrote a sample program on
the Convex to access a demo database on the Sun. Everything works great.
My question is: Does postgres do any kind of security checks to prevent
unauthorized users from accessing another users database. There did not
appear to be anykind of checks to prevent me from reading the database on
the Sun.
A related problem is the filemodes in the data/base directories.
File modes used to be 755 (directory) and 600 (files) in older versions
as I remember correctly.
Today:
drwxrwxrwx 2 postgres 1536 Nov 8 12:08 ./
drwxr-xr-x 8 postgres 512 Nov 7 14:43 ../
-rw-rw-rw- 1 postgres 32768 Nov 8 12:07 .nfs7B21
-rw-rw-rw- 1 postgres 32768 Nov 8 12:07 .nfs8B21
-rw-rw-rw- 1 postgres 16384 Nov 8 12:08 .nfs9B21
-rw-rw-rw- 1 postgres 16384 Nov 8 12:08 .nfsAB21
-rw-r--r-- 1 postgres 4 Oct 7 09:59 PG_VERSION
-rw-rw-rw- 1 postgres 0 Nov 8 12:07 ap_529408
-rw-rw-rw- 1 postgres 0 Oct 15 16:27 bigcity
-rw-rw-rw- 1 postgres 122880 Oct 7 13:55 borders
-rw-rw-rw- 1 postgres 24576 Oct 7 12:33 bordersindex
-rw-rw-rw- 1 postgres 40960 Oct 15 16:09 bordersmap
-rw-rw-rw- 1 postgres 24576 Oct 15 14:39 bordersmapindex
-rw-rw-rw- 1 postgres 147456 Oct 29 06:45 cities
-rw-rw-rw- 1 postgres 270336 Nov 8 10:55 col1
-rw-rw-rw- 1 postgres 0 Oct 15 16:27 distview
-rw-rw-rw- 1 postgres 8192 Oct 19 06:45 dynamic
-rw-rw-rw- 1 postgres 8192 Nov 8 12:07 geo_active_apr
-rw-rw-rw- 1 postgres 8192 Nov 8 12:07 geo_ap
-rw-rw-rw- 1 postgres 8192 Oct 7 13:54 geo_colors
-rw-rw-rw- 1 postgres 8192 Nov 1 06:45 geo_dyninfo
-rw-rw-rw- 1 postgres 16384 Oct 7 13:55 geo_icons
and
-rw-r--r-- 1 postgres 32768 Nov 8 12:07 pg_class
-rw-r--r-- 1 postgres 8192 Oct 31 06:45 pg_index
-rw-r--r-- 1 postgres 0 Oct 7 09:59 pg_inheritproc
-rw-r--r-- 1 postgres 8192 Oct 15 16:09 pg_inherits
-rw-r--r-- 1 postgres 8192 Oct 15 16:09 pg_ipl
-rw-r--r-- 1 postgres 8192 Oct 7 13:54 pg_language
-rw-r--r-- 1 postgres 8192 Oct 7 13:54 pg_opclass
-rw-r--r-- 1 postgres 24576 Oct 16 06:45 pg_operator
-rw-r--r-- 1 postgres 8192 Oct 7 13:54 pg_parg
-rw-r--r-- 1 postgres 0 Oct 7 09:59 pg_platter
-rw-r--r-- 1 postgres 0 Oct 7 09:59 pg_plmap
-rw-r--r-- 1 postgres 40960 Oct 16 06:45 pg_proc
So system relations are ok (created by createdb) but user relations
(created by create) are incorrect....
Tom
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: postgres@postgres.berkeley.edu
Cc: tom@izf.tno.nl
Subject: Re: Postgres security
In-Reply-To: <9111081151.AA00929@postgres.Berkeley.EDU>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox