Postgresql – Is the database secure? / What does “=Tc/postgres” allow

postgresql

Given the following…

iproductiondb  | postgres | UTF8     | en_US.UTF-8 | en_US.UTF-8 | =Tc/postgres                 +
               |          |          |             |             | postgres=CTc/postgres        +
               |          |          |             |             | iproduction=CTc/postgres

Are the postgres and iproduction roles the only roles that have any type of access to iproductiondb ?

=Tc/postgres is making me wonder if I need to fix something?

Best Answer

=Tc/postgres means that postgres has granted CONNECT and TEMPORARY privileges to PUBLIC. You can revoke these privilege with :

revoke connect on database iproductiondb from public;
revoke temporary on database iproductiondb from public;

In general you should also check pg_hba.conf.

Related Solutions

Postgresql – Connect to PgAdmin III via localhost

The basic misunderstanding: "localhost" is not a local connection. Your "trust" line in pg_hba.conf is not applicable for your connection:

local   all   all   trust

That only applies for connections via Unix-domain socket. Best choice for you is to connect via this route. Per pgAdmin documentation:

The host is the IP address of the machine to contact, or the fully qualified domain name. On Unix based systems, the address field may be left blank to use the default PostgreSQL Unix Domain Socket on the local machine, or be set to an alternate path containing a PostgreSQL socket. If a path is entered, it must begin with a “/”. The port number may also be specified.

Bold emphasis mine.

More about connecting without password in this related answer on SO:
Run batch file with psql command without password

PostgreSQL Upgrade – How to Upgrade Postgres 9.3 to 9.4 After Ubuntu Upgrade

I had the same error, I figured that the error was happening during shutdown of old cluster, it actually caused the cluster not to shut down fully.

What worked for me was stopping the old cluster manually and only then performing an upgrade.

sudo service postgresql stop
sudo pg_upgradecluster 9.3 main

Best Answer

Related Solutions

Postgresql – Connect to PgAdmin III via localhost

PostgreSQL Upgrade – How to Upgrade Postgres 9.3 to 9.4 After Ubuntu Upgrade

Related Question