Re: [Django] #6148: Add generic support for database schemas

Sat, 22 Oct 2022 08:23:00 -0700 

#6148: Add generic support for database schemas
-------------------------------------+-------------------------------------
     Reporter:  Ian Kelly            |                    Owner:  (none)
         Type:  New feature          |                   Status:  new
    Component:  Database layer       |                  Version:  dev
  (models, ORM)                      |
     Severity:  Normal               |               Resolution:
     Keywords:  oracle postgresql    |             Triage Stage:  Accepted
  mysql schemas                      |
    Has patch:  1                    |      Needs documentation:  0
  Needs tests:  0                    |  Patch needs improvement:  1
Easy pickings:  0                    |                    UI/UX:  0
-------------------------------------+-------------------------------------

Comment (by Simon Charette):

 As pointed out by a kind attendee at DjangoConUS 2022 we might have to
 revive [https://github.com/django/django/pull/6162/ Anssi's PR] sooner
 than later to support installs against PostgresSQL 15+.

 From [https://www.postgresql.org/docs/release/15.0/ PostgresSQL 15.0
 release notes]

 > Remove `PUBLIC` creation permission on the public schema (Noah Misch)
 >
 > The new default is one of the secure schema usage patterns that Section
 5.9.6 has recommended since the security release for CVE-2018-1058. The
 change applies to new database clusters and to newly-created databases in
 existing clusters. Upgrading a cluster or restoring a database dump will
 preserve public's existing permissions.
 >
 > For existing databases, especially those having multiple users, consider
 revoking `CREATE` permission on the public schema to adopt this new
 default. For new databases having no need to defend against insider
 threats, granting `CREATE` permission will yield the behavior of prior
 releases.

 If your project was created on PostgreSQL < 15 you should not run into any
 issues even when upgrading but for projects created on a fresh 15+ install
 you might have to issue a `GRANT CREATE ON SCHEMA public TO
 $your_django_user` until support for `DATABASES['SCHEMA']` is added.

-- 
Ticket URL: <https://code.djangoproject.com/ticket/6148#comment:188>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/01070184004a34d2-9e17aaa7-d54d-40b2-aac9-2b0c8a6f48ba-000000%40eu-central-1.amazonses.com.

Reply via email to