On Sat, Oct 15, 2011 at 08:04:35PM +0200, Christoph Berg wrote:
> I don't think this is going to be changed. The initial permissions are
> there to make the database usable for "the public" (that's also what
> the name says). If you don't like the public schema, just drop it.

This is not possible. The public schema always belongs to postgres and
not the owner of the db.

> Security-wise this is not that much of a problem as users need to be
> explicitly created in the database cluster before they can connect.

So every db user is allowed to DoS the db server and insert arbitrary
stuff into the template1 db in the default config.

> I would agree that there might be a case to lock access to template1
> for everyone except postgres by default. We might still decide not to
> deviate from upstream here, though. Martin, Peter?

Well. Then it is time to refer this to CTTE.

Bastian

-- 
Women professionals do tend to over-compensate.
                -- Dr. Elizabeth Dehaver, "Where No Man Has Gone Before",
                   stardate 1312.9.
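
Added example, not part of the original message or of the Debian packaging: a psql session that audits the grants discussed in this thread (PUBLIC's rights on the public schema and on template1) and then revokes them. It assumes a superuser session (for example as postgres) and a cluster that still carries the stock grants described above.

```sql
-- Added example: run in psql as a superuser (e.g. postgres).

-- 1. Audit: what may the PUBLIC pseudo-role do with each database?
SELECT datname,
       pg_get_userbyid(datdba)                            AS owner,
       has_database_privilege('public', oid, 'CONNECT')   AS public_connect,
       has_database_privilege('public', oid, 'TEMPORARY') AS public_temp
FROM   pg_database
ORDER  BY datname;

-- 2. Audit: who owns the public schema of the current database, and may
--    PUBLIC create objects in it?
SELECT n.nspname,
       pg_get_userbyid(n.nspowner)                     AS owner,
       has_schema_privilege('public', n.oid, 'CREATE') AS public_create,
       has_schema_privilege('public', n.oid, 'USAGE')  AS public_usage
FROM   pg_namespace n
WHERE  n.nspname = 'public';

-- 3. Harden template1. Schema ACLs inside template1 are copied into every
--    database later created from it, so the first REVOKE also covers
--    future databases.
\connect template1
REVOKE CREATE ON SCHEMA public FROM PUBLIC;

-- Database-level ACLs are not copied by CREATE DATABASE, so this one only
-- affects template1 itself. CREATE DATABASE does not need CONNECT on the
-- template, so creating databases keeps working.
REVOKE CONNECT, TEMPORARY ON DATABASE template1 FROM PUBLIC;

-- 4. Verify: all three columns should now be false.
SELECT has_schema_privilege('public', 'public', 'CREATE')       AS public_create,
       has_database_privilege('public', 'template1', 'CONNECT') AS public_connect,
       has_database_privilege('public', 'template1', 'TEMPORARY') AS public_temp;

-- Databases that already exist keep their old schema ACL: connect to each
-- one and repeat the REVOKE CREATE ON SCHEMA public statement there.
```

PostgreSQL 15 and later no longer grant CREATE on the public schema to PUBLIC by default, so on those versions step 2 should already report `public_create` as false for newly created databases.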


