Hello, When considering our mitigation strategy for the recently-announced
CVE-2018-1058, we’ve been trying to choose between:
This is of course after the
REVOKE CREATE ON SCHEMA public FROM PUBLIC. We understand why the public schema is owned by the “postgres” account to start with, i.e. because
CREATE DATABASE copies from the template1 database. But this does mean that we need a post-createdb action to allow an application account to use the public schema to create its objects (which
is our most typical configuration). Changing the owner of the public schema to the database owner after database creation (i.e. #1 above) seems to be the simplest approach, but we’re wondering if there’s a reason for the public schema to be owned by the postgres account,
i.e. beyond just “this is how it happens by default”. We can’t come up with one, and neither can our Google-fu. :-) Thanks in advance for your insights, Kav Moradhassel
|
R&D Tools and Metrics
| Ciena kmoradha@xxxxxxxxx
|
385 Terry Fox Drive
| Ottawa, ON, K2K 0L1 Canada |