We are trying to determine the possible side effects of a rogue user account.

A web application requires a dedicated PostgreSQL database in which to create tables and other database objects and manipulate data within this single database. So I have created a database and made the application's PostgreSQL login role the owner of this database. They, however, have no CREATEDB, CREATEROLE privileges and so on.

If this web application is compromised in one way or another, such as SQL injection (assuming the web application doesn't strictly make use of parametrized queries), or somehow the username and password stored in the application's code are stolen, what extent of damage would the hacker inflict?

I am assuming:

1) Data and database objects may only be deleted, dropped or stolen from this single database, as the given user role may only log in to this single database. New unwelcome database objects may also be created in this database.

2) Possible denial of service attack where such a user may run expensive SELECT or data modification queries.

Are there other problems we may expect? Can they run any OS programs or install any such tools, induce buffer overflows and so on?

Regards,
Allan.
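
A catalog check for the assumptions listed in the message above, added here as an example and not part of the original post. The role name `webapp_owner` and the database name `other_db` are hypothetical placeholders.

```sql
-- Added example: audit what an application login role can actually reach.
-- 'webapp_owner' and 'other_db' are hypothetical names; substitute your own.

-- 1. Role attributes. For a plain application role every boolean here
--    should be false; rolconnlimit = -1 means no connection limit.
SELECT rolname, rolsuper, rolcreatedb, rolcreaterole,
       rolreplication, rolconnlimit
FROM pg_roles
WHERE rolname = 'webapp_owner';

-- 2. Roles the application role is a direct member of. Privileges of
--    these roles are available to it as well.
SELECT g.rolname AS granted_role
FROM pg_auth_members m
JOIN pg_roles g ON g.oid = m.roleid
JOIN pg_roles u ON u.oid = m.member
WHERE u.rolname = 'webapp_owner';

-- 3. Databases the role holds CONNECT on. CONNECT is granted to PUBLIC
--    by default, so this usually lists more than the application's own
--    database unless it was revoked (pg_hba.conf is a separate control
--    and is not visible in this query).
SELECT datname
FROM pg_database
WHERE datallowconn
  AND has_database_privilege('webapp_owner', datname, 'CONNECT');

-- 4. Procedural languages installed in the current database. Functions
--    in untrusted languages (lanpltrusted = false) can only be created
--    by superusers, so their presence is worth knowing about.
SELECT lanname, lanpltrusted
FROM pg_language
WHERE lanispl;

-- Tightening, run as a superuser or the owner of the other database.
-- After the REVOKE, roles that legitimately use other_db need an
-- explicit GRANT CONNECT.
REVOKE CONNECT ON DATABASE other_db FROM PUBLIC;

-- Cap concurrent sessions for the application role (value is an example).
ALTER ROLE webapp_owner CONNECTION LIMIT 20;
```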