Best practice to create a read-only user?

From: matthias ritzkowski <matthias(at)marlinmobile(dot)com>
To: pgsql-admin(at)postgresql(dot)org
Subject: Best practice to create a read-only user?
Date: 2013-05-03 14:03:02
Message-ID: 20130503100302.0000043e@unknown
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-admin

Hello,

Usually I would

create user uuu password 'ppp';
GRANT usage on schema zzz to uuu;
GRANT select on all tables in schema zzz to uuu;

But just this morning someone used
create user uuu password 'ppp';
alter user uuu set default_transaction_read_only = on;
GRANT select on all tables in schema zzz to uuu;

So I only added the grant usage and it worked fine.
What do people use day to day?

I had frankly never explored the default_transaction_read_only
parameter ...

--

regards
Matthias Ritzkowski
-marlinmobile-

Responses

Browse pgsql-admin by date

  From Date Subject
Next Message Marcelo Verissimo 2013-05-03 14:24:51 RES: Problem: pg_hba.conf is automatically rewritten every day
Previous Message Nghia Truong 2013-05-03 13:45:01 Problem: pg_hba.conf is automatically rewritten every day