| From: | Vincent Veyron <vv(dot)lists(at)wanadoo(dot)fr> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Proper use of Groups and Users (Roles). |
| Date: | 2016-02-16 10:39:34 |
| Message-ID: | 20160216113934.5fe0a70544b4bd8c6bb372a9@wanadoo.fr |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Mon, 15 Feb 2016 12:06:28 -0500
Melvin Davidson <melvin6925(at)gmail(dot)com> wrote:
> I wrote a short article to explain the proper use of Group and Userss in the database.
Hi Melvin,
Thanks for the explanation, it makes things easy to understand.
One question :
> Although GRANT ALL, at first appears to simplify granting permissions, it is actually a very bad practice that is often misused. That is because doing so would also allow groups and ordinary users the following additional privileges: TRUNCATE, REFERENCES & TRIGGER.
If a user has DELETE rights on a table, I don't see how granting him TRUNCATE makes that much of a difference? Same could be said of the other two, it's not like they are going to cause more damage than the previous rights.
--
Bien à vous, Vincent Veyron
https://marica.fr/
Gestion des contentieux, des dossiers de sinistres assurance et des contrats pour le service juridique
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Daniel Pocock | 2016-02-16 11:43:20 | pgDay Asia / talks / lightning talks |
| Previous Message | Chris Travers | 2016-02-16 08:30:23 | Re: Suggest note in index documentation about long running transactions |