| From: | Travis Hume <travis(dot)hume(at)tenzing(dot)com> |
|---|---|
| To: | |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: can't "grant all on database..." |
| Date: | 2003-06-18 22:25:27 |
| Message-ID: | 3EF0E6D7.3000903@tenzing.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Yeah, I did limit access to a single database. All this hassle is to
support our testing efforts. The deployed database runs in a very
restricted environment.
Thanks for the help.
Stephan Szabo wrote:
>On Wed, 18 Jun 2003, Travis Hume wrote:
>
>
>
>>So I ended up doing this:
>>
>> create user ruser createuser;
>>
>>and then limiting where he can connect from through pg_hba.conf file.
>>
>>
>
>I think createuser implies superuser access. If you do that, you're
>probably also going to want to control what databases he can connect to
>not just from where (if you haven't already). And, you need to be
>careful with untrusted pl languages, but it might be easiest to just not
>build any.
>
>
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Snow | 2003-06-18 22:38:52 | Re: A creepy story about dates. How to prevent it? |
| Previous Message | Stephan Szabo | 2003-06-18 22:06:16 | Re: can't "grant all on database..." |