Article directory
foreword
Information systems management functions include those required to manage databases, network components, workstations, or servers, and often require privileged user access. If administrative functions or information about PostgreSQL administration are displayed on an interface available to the user, it may inadvertently provide the user with information about the settings of the DBMS.
1. Check role permissions
Check the PostgreSQL settings to verify that administrative functions are separated from user functions.
As the database administrator (shown here as "postgres"), list all roles and permissions for the database:
# 切换至postgres账户
su - postgres
# 查询角色权限
psql -c "\du"
There is a security risk if any non-administrative role has "Superuser", "Create role", "Create DB" or "Bypass RLS" permissions.
2. Reinforcement suggestions
Configure PostgreSQL to separate database administration and general user functions. Don't grant superuser, create roles, create databases, or bypass rls role attributes to users who don't need it.
# 删除管理员权限示例
alter role <username> nosuperuser;
Summarize
PostgreSQL must separate user functions (including user interface services) from database administration functions.