tags:

views:

148

answers:

2
+4  Q: 

Is it safe to delete the 3 default databases created during a PostgreSQL install?

I installed a default installation of PostgreSQL 8.4 on Windows 2003 Server, using the one-click installer provided. Running psql -l for the first time, I noticed there are three databases installed by default: postgres, template0, and template1.

Being security-minded, my initial reaction is to delete or change default configurations. However, I also know I haven't a clue regarding databases (as this install is my first step in self-learning about databases), so I thought I would ask first.

Is it safe to delete these?

+2  A: 

Basically - no.

postgres database is here as a non-template database with reasonable guarantee that it exists - so any script that doesn't know where to connect to, can connect there.

if you will remove template1 - you will lose the ability to create new databases (at least easily).

template0 is there as a backup, in case your template1 got damaged.

While I can theoretically imagine a working database with no template* and postgres databases, the thing that bugs me is that i have no idea what (security-wise) you want to achieve by removing them.

depesz  2009-07-16 03:59:01
It isn't necessarily a wish to remove them if they are necessary -- often things (not Postgres necessarily) are installed by default that are unnecessary and insecure, such as many of the services enabled by default in Windows XP for example. Or older MS SQL installs with blank 'sa' passwords. I wanted to know if the 3 installed by default are necessary -- it seems like having at least template1 is necessary, and template0 is nice to have as a backup, but that postgres seems to be superfluous. Is this correct?
romandas  2009-07-17 01:03:42
If none of your programs assume existence of postgres database - you can remove it. I wouldn't remove template[01] for a lot of reasons. But then again - I wouldn't also bother to remove postgres database. What good does it do to you (removal)? What vector of attack will be impossible without this database?
depesz  2009-07-17 12:50:31
The question should be 'What operational need does keeping the postgres database address?' If there isn't one, you shouldn't have it. Minimize, minimize, minimize. Just because I cannot think of an attack against it doesn't mean there isn't one; after all, I'm doing this install specifically to learn since I'm completely inexperienced with databases.
romandas  2009-07-17 21:55:24
A: 

You can delete the postgres but do not touch template0 or template1. The postgres database is there for convenience.

 2009-07-17 19:00:45

related questions

Verifying files for testing
How do you create your own moniker (URL Protocol) on Windows systems?
Windows Equivalent of 'nice'
Is this a good way to determine OS Architecture?
Dual vs. Quadcore on a Webserver
Is there a WMI Redistributable Package?
PHP Error - Uploading a file
Ruby On Rails with Windows Vista - Best Setup?
OpenVPN Config file to prevent timeout
How can I create Debian install packages in Windows for a Visual Studio project?
How do I configure and communicate with a serial port?
What's the best setup for Mono development on Windows?
Appropriate pagefile size for SQL Server
XML Editing/Viewing Software
Linux shell equivalent on IIS
What is a better file copy alternative than the Windows default?
Windows Help files - what are the options?
Heap corruption under Win32; how to locate?
Best way to access Exchange using PHP?
Get a preview jpeg of a pdf on windows?
WinForms ComboBox data binding gotcha
How do you schedule tasks in Windows?
Register Windows program with the mailto protocol programmatically
Embedding Windows Media Player for all Browsers
Best Subversion clients for Windows Vista (64bit)