Deep Thoughts: Betting on Security

Cite

Related Material

PGCon - PostgreSQL Conference for Users and Developers

Conway, Joe

Formal Metadata

Title

Deep Thoughts: Betting on Security

Title of Series

PGCon 2020

Number of Parts

Author

Conway, Joe

Contributors

Khandhadia, Rekha

Macbeth, Evan

License

CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.

Identifiers

10.5446/52130 (DOI)

Publisher

PGCon - PostgreSQL Conference for Users and Developers

Release Date

2020

Language

English

Content Metadata

Subject Area

Information Science

Genre

Conference/Talk

Abstract

For all combinations of who/which/what, list who currently has which type of permissions for what objects in your most important database(s)? It shouldn’t be that hard to figure out, right? Would you be willing to bet your job that you have given a complete and correct answer, even if this were an open book test with access to the server and ample time? This talk seeks to dive deep into the weeds on the topic of how roles interact with Postgres default behaviors, role attributes, and object privileges, resulting in a particular discretionary access control (DAC) security posture.