Login ProductsSalesSupportDownloadsAbout |
Home » Technical Support » ElevateDB Technical Support » Support Forums » ElevateDB General » View Thread |
Messages 1 to 4 of 4 total |
Security Issue - Public Role |
Tue, Jul 22 2014 3:54 AM | Permanent Link |
Gruetzmacher | hello,
i find it difficult that with the creation of a new user in the database, the user automatically gets the 'Public' role assigned. this automatically seems to grant insert/update-rights on all tables to the new user which i really would like to avoid. however when revoking 'PUBLIC' from [new user] it can't read the configuration-database anymore ... what is the best way to deal with this situation? i would like to give the lowest possible rights by default to a user. thank you in advance |
Tue, Jul 22 2014 5:15 AM | Permanent Link |
Roy Lambert NLH Associates Team Elevate | Gruetzmacher
>hello, >i find it difficult that with the creation of a new user in the database, the user automatically gets the 'Public' role assigned. >this automatically seems to grant insert/update-rights on all tables to the new user which i really would like to avoid. >however when revoking 'PUBLIC' from [new user] it can't read the configuration-database anymore ... >what is the best way to deal with this situation? > >i would like to give the lowest possible rights by default to a user. I don't know a way to prevent a user being created with Public but I do know REVOKE ALL PRIVILEGES ON DATABASE yourdb FROM PUBLIC which should have the same effect Roy Lambert |
Thu, Jul 24 2014 12:07 PM | Permanent Link |
Gruetzmacher | thank you roy!
i will try this out ... pretty sure i didn't try it that way. would be great Roy Lambert wrote: Gruetzmacher >hello, >i find it difficult that with the creation of a new user in the database, the user automatically gets the 'Public' role assigned. >this automatically seems to grant insert/update-rights on all tables to the new user which i really would like to avoid. >however when revoking 'PUBLIC' from [new user] it can't read the configuration-database anymore ... >what is the best way to deal with this situation? > >i would like to give the lowest possible rights by default to a user. I don't know a way to prevent a user being created with Public but I do know REVOKE ALL PRIVILEGES ON DATABASE yourdb FROM PUBLIC which should have the same effect Roy Lambert |
Thu, Jul 24 2014 1:09 PM | Permanent Link |
Gruetzmacher | roy,
this is really good. just in case someone is trying to play around with the security levels on table: in order to fully grant specific table rights to a user: (you have to be part of the Administrators Role to do this) - revoke all rights from role PUBLIC for this specific database since all users get granted public automatically and PUBLIC has update rights on all tables - grant select on database level to the user - this enabled the user to read the metadata - otherwise it does not see the database at all - grant specific rights on table level to the user |
This web page was last updated on Saturday, April 27, 2024 at 08:52 PM | Privacy PolicySite Map © 2024 Elevate Software, Inc. All Rights Reserved Questions or comments ? E-mail us at info@elevatesoft.com |