In phpPgAdmin, you may notice that you can see all users and databases.
You can make sure only databases owned by the user are visible in phpPgAdmin with the owned_only option in the file /usr/local/cpanel/base/3rdparty/phpPgAdmin/conf/config.inc.php.
# grep owned_only /usr/local/cpanel/base/3rdparty/phpPgAdmin/conf/config.inc.php
$conf['owned_only'] = true;
It would still be possible to view all databases and users on the server if the client were to log in to PostgreSQL via another client. Having all users and databases visible is by design by PostgreSQL, but it doesn't mean they have access.
Comments
0 comments
Article is closed for comments.