Re: [Django] #6148: Add generic support for database schemas

Sat, 22 Oct 2022 08:23:00 -0700 

#6148: Add generic support for database schemas
-------------------------------------+-------------------------------------
     Reporter:  Ian Kelly            |                    Owner:  (none)
         Type:  New feature          |                   Status:  new
    Component:  Database layer       |                  Version:  dev
  (models, ORM)                      |
     Severity:  Normal               |               Resolution:
     Keywords:  oracle postgresql    |             Triage Stage:  Accepted
  mysql schemas                      |
    Has patch:  1                    |      Needs documentation:  0
  Needs tests:  0                    |  Patch needs improvement:  1
Easy pickings:  0                    |                    UI/UX:  0
-------------------------------------+-------------------------------------

Comment (by Simon Charette):

 As pointed out by a kind attendee at DjangoConUS 2022 we might have to
 revive [https://github.com/django/django/pull/6162/ Anssi's PR] sooner
 than later to support installs against PostgresSQL 15+.

 From [https://www.postgresql.org/docs/release/15.0/ PostgresSQL 15.0
 release notes]

 > Remove `PUBLIC` creation permission on the public schema (Noah Misch)
 >
 > The new default is one of the secure schema usage patterns that Section
 5.9.6 has recommended since the security release for CVE-2018-1058. The
 change applies to new database clusters and to newly-created databases in
 existing clusters. Upgrading a cluster or restoring a database dump will
 preserve public's existing permissions.
 >
 > For existing databases, especially those having multiple users, consider
 revoking `CREATE` permission on the public schema to adopt this new
 default. For new databases having no need to defend against insider
 threats, granting `CREATE` permission will yield the behavior of prior
 releases.

 If your project was created on PostgreSQL < 15 you should not run into any
 issues even when upgrading but for projects created on a fresh 15+ install
 you might have to issue a `GRANT CREATE ON SCHEMA public TO
 $your_django_user` until support for `DATABASES['SCHEMA']` is added.

-- 
Ticket URL: <https://code.djangoproject.com/ticket/6148#comment:188>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/01070184004a34d2-9e17aaa7-d54d-40b2-aac9-2b0c8a6f48ba-000000%40eu-central-1.amazonses.com.

Reply via email to