| From: | Martijn van Oosterhout <kleptog(at)svana(dot)org> |
|---|---|
| To: | developer(at)wexwarez(dot)com |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: grant all privileges on database |
| Date: | 2006-12-13 20:25:25 |
| Message-ID: | 20061213202525.GC15546@svana.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Wed, Dec 13, 2006 at 12:20:03PM -0800, developer(at)wexwarez(dot)com wrote:
> grant all privileges on database test to auser
>
> As far as I can tell this does nothing. Intuitively this command suggests
> that the auser would be able to access and modify the database test in
> anyway. It would also suggest that as new tables for the database auser
> would automatically have access to them.
It's not intuitive to me. Just like granting full access to the root of
a filesystem does not grant you access to every file on it. Each
directory and file needs to be done also.
> Instead it appears that we have to still individually grant access to
> tables on an individual basis. It seems to me that if it did pass these
> blanket privileges on it would be very useful and make administration a
> lot easier. While it is not hard to initially grant the individual access
> (i am looking for a script) it is a pain in the butt to maintain. Is this
> in fact how it works?
I beleive the usual approach is you create a role and give permissions
to tables to that role and then for each user that comes along, you
assign that role to the user.
That makes administration easier I think.
Have a nice day,
--
Martijn van Oosterhout <kleptog(at)svana(dot)org> http://svana.org/kleptog/
> From each according to his ability. To each according to his ability to litigate.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Ron Mayer | 2006-12-13 20:42:16 | Re: MySQL drops support for most distributions |
| Previous Message | developer | 2006-12-13 20:20:03 | grant all privileges on database |