Re: Bastian Blank 2011-10-15 <20111015184537.ga10...@wavehammer.waldi.eu.org>
> On Sat, Oct 15, 2011 at 08:04:35PM +0200, Christoph Berg wrote:
> > I don't think this is going to be changed. The initial permissions are
> > there to make the database usable for "the public" (that's also what
> > the name says). If you don't like the public schema, just drop it.
> 
> This is not possible. The public schema always belongs to postgres and
> not the owner of the db.

Well, then drop it as the postgres user. You can even do this for the
template1 database.

> > Security-wise this is not that much of a problem as users need to be
> > explicitly created in the database cluster before they can connect.
> 
> So every db user is allowed to DoS the db server and insert arbitrary
> stuff into the template1 db in the default config.

You obviously didn't read the next paragraph when you wrote this.

> > I would agree that there might be a case to lock access to template1
> > for everyone except postgres by default. We might still decide not to
> > deviate from upstream here, though. Martin, Peter?
> 
> Well. Then it is time to refer this to CTTE.

Good luck with wasting their time. I tried to discuss this with you
and the PG maintainers, maybe you should wait a bit before escalating
this.

Christoph
-- 
c...@df7cb.de | http://www.df7cb.de/
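
Added example, not part of the original mail: the two changes discussed in this thread (removing the default grant on the public schema, or dropping the schema, and locking template1), run as the postgres superuser while connected to template1. The role name audit_probe is hypothetical and exists only for the check at the end.

```sql
-- Run as the postgres superuser, connected to template1:
--   psql -U postgres -d template1

-- Variant A (the suggestion in the mail): remove the schema entirely.
-- Databases later created from template1 will then have no public schema.
-- DROP SCHEMA public;

-- Variant B (assumption: the schema should stay, only the default grant goes).
-- Schema privileges live inside the database, so databases cloned from
-- template1 after this point start without CREATE for PUBLIC.
REVOKE CREATE ON SCHEMA public FROM PUBLIC;

-- Lock template1 itself: ordinary roles can no longer connect to it.
-- Database-level privileges are not copied by CREATE DATABASE, so this
-- affects template1 only.
REVOKE CONNECT ON DATABASE template1 FROM PUBLIC;

-- Check the result from the point of view of an unprivileged role.
-- audit_probe is a hypothetical throwaway role with no grants of its own,
-- so it only sees what PUBLIC is allowed to do.
CREATE ROLE audit_probe NOLOGIN;

SELECT has_schema_privilege('audit_probe', 'public', 'CREATE')
           AS can_create_in_public,
       has_database_privilege('audit_probe', 'template1', 'CONNECT')
           AS can_connect_to_template1;

DROP ROLE audit_probe;
```

Databases that already exist keep their current public schema privileges; the schema-level REVOKE has to be repeated in each of them.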
