| From: | Oliver Elphick <olly(at)lfix(dot)co(dot)uk> |
|---|---|
| To: | David Garamond <lists(at)zara(dot)6(dot)isreserved(dot)com> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: restricting non superuser from accessing other |
| Date: | 2004-09-07 10:45:48 |
| Message-ID: | 1094553947.12019.14.camel@linda |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Tue, 2004-09-07 at 11:28, David Garamond wrote:
> I am setting up a single PostgreSQL installation to be used by several
> users. Can I restrict a database user from connecting and creating
> objects in other databases but his/her own? So far I can only restrict a
> user from creating more databases or users.
>
> (Yes, I have set up a proper pg_hba.conf, but once a user is connected,
> he can switch to another database, e.g. with "\c otherdb" in psql).
Not unless pg_hba.conf allows it. You could set up explicit
database/user combinations there.
Another thing you can do is to delete the public schema in new
databases. The public schema is, by default, accessible to all users;
other schemas are accessible only to their creators unless permissions
are granted on them.
--
Oliver Elphick olly(at)lfix(dot)co(dot)uk
Isle of Wight http://www.lfix.co.uk/oliver
GPG: 1024D/A54310EA 92C8 39E7 280E 3631 3F0E 1EC0 5664 7A2F A543 10EA
========================================
"For whosoever shall call upon the name of the Lord
shall be saved." Romans 10:13
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alex Soto | 2004-09-07 10:48:35 | Help supressing NOTICE messages |
| Previous Message | Devrim GUNDUZ | 2004-09-07 10:31:55 | Re: postgres 8 performance |