| From: | Tomasz Myrta <jasiek(at)klaster(dot)net> |
|---|---|
| To: | pgsql-sql(at)postgresql(dot)org |
| Subject: | multi-user and multi-level database access |
| Date: | 2002-12-11 23:55:35 |
| Message-ID: | 3DF7D077.9060904@klaster.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-sql |
Hi
I want to protect my database against unauthorised data destruction
(Postgresql 7.2) I have some applications accesing database, each one
does other things and there is a lot of users using these applications.
Here is my solution:
- each application has one postgresql group (create group...)
- i have a lot of grants/revokes for these groups
- there is a table named "users" which contains logins, user names and
other useful information.
- after inserting a row to table "users", inside plpgsql function
I "create user <login>"
- for each application I "alter group application_group add user <login>"
My questions are:
- how to check if some postgresql user exists? I found them in table
pg_shadow, but selecting this table is legal?
- how to change postgresql user login? Do I have to drop/create user, or
I can update table pg_shadow?
- is it possible to revoke some privileges to all tables without listing
them? I want to revoke all trigger/references/rule to all users without
database owner.
And one additional question - not exactly to this list:
- did anyone compile libpq under MsWindows with ssl?
Regards,
Tomasz Myrta
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Josh Berkus | 2002-12-12 01:02:40 | Re: trigger to maintain relationships |
| Previous Message | Manfred Koizar | 2002-12-11 18:59:00 | Re: error in copy table from file |