Andrew Sullivan <ajs(at)crankycanuck(dot)ca> writes:
> On Mon, Jul 09, 2007 at 02:13:55PM -0400, Tim Olsen wrote:
>> like the user to be granted createdb permission for only a particular
>> database. I don't believe this is possible in postgresql. Is there a
>> dropdb-followed-by-createdb equivalent the user could use?
> You could, however, limit all of this by giving sudo access to the
> person in question, where the sudo access is for a (set of) script(s)
> that achieve what you want (e.g. scripts with the appropriate
> createdb, psql -c "something" &c. inside them).
A SECURITY DEFINER function (living in some other database of course)
could accomplish this without going outside Postgres.
regards, tom lane