Read more

postgresql create extension without giving the application superuser rights

Kim Klotz
August 20, 2015Software engineer at makandra GmbH

If you need a postgresql extension for your database it isn't a good idea to give your applications database user superuser rights (like many people on stackoverflow think)

Illustration online protection

Rails Long Term Support

Rails LTS provides security patches for old versions of Ruby on Rails (2.3, 3.2, 4.2 and 5.2)

  • Prevents you from data breaches and liability risks
  • Upgrade at your own pace
  • Works with modern Rubies
Read more Show archive.org snapshot

Just login to the database with a superuser account (e.g. postgres) and create the extension with it.

Example:

# with the default configuration of postgresql you normally can login as `postgres` user
# without a password if you use the systems `postgres` user
$ sudo su -l postgres
$ pgsql
postgres=# \c your_database;
psql (9.3.9, server 9.3.5)
You are now connected to database "your_database" as user "postgres".
your_database =# CREATE EXTENSION "uuid-ossp";
CREATE EXTENSION
your_database =# \q
$ logout
Posted by Kim Klotz to makandra dev (2015-08-20 18:23)