When I tried

REVOKE ALL PRIVILEGES ON DATABASE postgres from admin; 

but the user admin is still able to connect to postgres remotely via pgadmin after that.

How do I completely revoke a user's access to a database?

/root$ psql -U postgres
psql (9.2.24)
Type "help" for help.

postgres=# \du
                             List of roles
 Role name |                   Attributes                   | Member of 
-----------+------------------------------------------------+-----------
 admin     | No inheritance                                 | {}
 postgres  | Superuser, Create role, Create DB, Replication | {}

postgres=# REVOKE ALL PRIVILEGES ON DATABASE postgres from admin; 
REVOKE
postgres=# SELECT * FROM pg_stat_activity;
 datid | datname  |  pid   | usesysid | usename  | application_name | client_addr | client_hostname | client_port |         backend_start         |          xact_start           |
          query_start          |         state_change          | waiting | state  |              query              
-------+----------+--------+----------+----------+------------------+-------------+-----------------+-------------+-------------------------------+-------------------------------+
-------------------------------+-------------------------------+---------+--------+---------------------------------
 12924 | postgres | 121487 |       10 | postgres | psql             |             |                 |          -1 | 2018-03-10 20:20:42.458031+08 | 2018-03-10 20:21:27.367078+08 |
 2018-03-10 20:21:27.367078+08 | 2018-03-10 20:21:27.367082+08 | f       | active | SELECT * FROM pg_stat_activity;
(1 row)

postgres=# \q
/root$ psql -U admin postgres
psql (9.2.24)
Type "help" for help.

postgres=>

  • Possible duplicate of Revoke access to postgres database for a role Commented Mar 10, 2018 at 12:40
  • @SepehrGH the answers there still allow the user to see the existence of the database (and hence can attempt to connect). I want to hide the database completely from the user. Commented Mar 10, 2018 at 12:58

1 Answer

You probably also need to do a

REVOKE CONNECT ON DATABASE postgres FROM PUBLIC; 

Each role is an implicit member of PUBLIC.

5 Comments

This does prevent the user from connecting to the database! But it is still able to see the existence of the database (and hence can attempt to connect). Is there a way to hide the existence of the database completely from a user?
Not within a single instance (you could run multiple instances). Why do you want to? (Obscurity is not security)
I just prefer not to let the user know about the existence of other DBs (this is possible in MySQL). I guess I'll have to run multiple instances then...
PUBLIC is a virtual role?
@Eelke While obscurity is definitely not security, obscurity does stop a naive dev asking for access to a database they shouldn't access, triggering naive managers to schedule expensive meetings to discuss why dev shouldn't have access.
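
The sequence from the answer, shown end to end as an added example that is not part of the original answer or comments. It assumes a hypothetical role `app_user` that already exists and should keep access, and it also ends sessions opened before the revoke, because CONNECT is only checked when a connection is established.

```sql
-- Added example. Run as a superuser in psql.
-- "admin" and database "postgres" come from the question;
-- "app_user" is a hypothetical, pre-existing role used for illustration.

-- 1. Inspect the database ACL. A NULL datacl means the built-in defaults
--    apply (PUBLIC holds CONNECT and TEMPORARY). In a materialized ACL the
--    entry with an empty grantee, e.g. "=Tc/postgres", is PUBLIC
--    (c = CONNECT, T = TEMPORARY).
SELECT datname, datacl FROM pg_database WHERE datname = 'postgres';

-- 2. Effective privilege before the change. This returns t even after
--    REVOKE ALL ... FROM admin, because the privilege arrives via PUBLIC.
SELECT has_database_privilege('admin', 'postgres', 'CONNECT') AS admin_can_connect;

BEGIN;
-- 3. Remove the grant that every role holds through PUBLIC.
REVOKE CONNECT ON DATABASE postgres FROM PUBLIC;
-- Remove anything that was granted to the role directly as well.
REVOKE ALL PRIVILEGES ON DATABASE postgres FROM admin;
-- 4. Grant CONNECT back explicitly to the roles that need it.
--    Superusers bypass these checks and do not need a grant.
GRANT CONNECT ON DATABASE postgres TO app_user;
COMMIT;

-- 5. Verify per role. admin should now show f, app_user t,
--    and superusers always show t.
SELECT rolname,
       has_database_privilege(rolname, 'postgres', 'CONNECT') AS can_connect
FROM pg_roles
ORDER BY rolname;

-- 6. REVOKE does not disconnect sessions that are already open.
--    Terminate the role's remaining backends on this database.
SELECT pid, pg_terminate_backend(pid) AS terminated
FROM pg_stat_activity
WHERE datname = 'postgres'
  AND usename = 'admin'
  AND pid <> pg_backend_pid();
```

After step 3 the role still sees the database name in listings such as `\l`, as the comments note; only the connection attempt is refused.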
