Mercurial > gemma
diff schema/roles.sql @ 478:3af7ca761f6a
Purge password reset role
The risk of SQL-injections and thus privilege escalation
via the metamorphic user was estimated not high enough to
justify the extra role. Thus, bring database back in line
with rev. ffdb507d5b42 and re-enable password reset.
author | Tom Gottfried <tom@intevation.de> |
---|---|
date | Thu, 23 Aug 2018 16:41:44 +0200 |
parents | 5611cf72cc92 |
children | 6590208e3ee1 |
line wrap: on
line diff
--- a/schema/roles.sql Thu Aug 23 16:18:07 2018 +0200 +++ b/schema/roles.sql Thu Aug 23 16:41:44 2018 +0200 @@ -9,9 +9,6 @@ -- Special roles -- --- A role that is intended to be used for password reset only -CREATE ROLE pw_reset; - -- A role that is intended to be used for backend- or -- GeoServer-connections on which SET ROLE has to be used to -- gain privileges of a specific role