Permissions for Newly Created User

Dear PostgreSQL Support Team,

I would also like to suggest an enhancement to the default behavior for newly created users in PostgreSQL.

Observed Issue:
User Created: testdb
Command used: CREATE USER testdb WITH PASSWORD 'dhsfjobodjjbsdj';
After creating the user testdb, I observed that the user could still view objects, schemas, and their structures, as well as system tables and views, which contradicts the intended restricted permissions. Specifically:
The user was able to connect to the database and see all schemas, including those they should not have visibility into.
Even when permissions were revoked for specific schemas, the user could still list available tables and view their structures.

Suggested Privileges for Newly Created Normal Users:
I would like to suggest enhancements to the default behavior for newly created normal users in PostgreSQL to improve data security:

Database Connection: The user should have the ability to connect only to postgres databases by default.

Schema and Table Access: If the public schema contains 100 tables, the newly created user should not be able to list or view the structure of any table unless at least one specific privilege has been granted on those tables.
Ideally, the system should provide a hint like "user has insufficient privilege to view schema or table details" when access is restricted.
Restricted Visibility: The user should not have access to list schemas, tables, or any non-system-related objects unless explicitly authorized.

Read-Only Configurations: The user should have read-only access to view database configuration parameters.
Privileges: Additional privileges provided by default if necessary.

Additional Suggestion:
I would also like to highlight a security concern regarding password handling:

When creating or altering a user's password, the log file captures the password in plain text format, which could be a potential security risk.
However, when using the \password command in psql, the password is logged in its hashed format (SHA-256), which is a more secure practice. I recommend extending this hashed logging format to all password creation and modification operations.
These suggestions aim to strengthen PostgreSQL's security by minimizing unnecessary access to sensitive data and improving password handling.

Thank you in advance for considering these.

Best regards,
Sreekanta Reddy
