From: | Vincent Veyron <vv(dot)lists(at)wanadoo(dot)fr> |
---|---|
To: | pgsql-general(at)postgresql(dot)org |
Subject: | Re: Proper use of Groups and Users (Roles). |
Date: | 2016-02-16 10:39:34 |
Message-ID: | 20160216113934.5fe0a70544b4bd8c6bb372a9@wanadoo.fr |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
On Mon, 15 Feb 2016 12:06:28 -0500
Melvin Davidson <melvin6925(at)gmail(dot)com> wrote:
> I wrote a short article to explain the proper use of Group and Userss in the database.
Hi Melvin,
Thanks for the explanation, it makes things easy to understand.
One question :
> Although GRANT ALL, at first appears to simplify granting permissions, it is actually a very bad practice that is often misused. That is because doing so would also allow groups and ordinary users the following additional privileges: TRUNCATE, REFERENCES & TRIGGER.
If a user has DELETE rights on a table, I don't see how granting him TRUNCATE makes that much of a difference? Same could be said of the other two, it's not like they are going to cause more damage than the previous rights.
--
Bien à vous, Vincent Veyron
https://marica.fr/
Gestion des contentieux, des dossiers de sinistres assurance et des contrats pour le service juridique
From | Date | Subject | |
---|---|---|---|
Next Message | Daniel Pocock | 2016-02-16 11:43:20 | pgDay Asia / talks / lightning talks |
Previous Message | Chris Travers | 2016-02-16 08:30:23 | Re: Suggest note in index documentation about long running transactions |