Re: Views, views, views: Summary of Arguments

From: Andrew Dunstan <andrew(at)dunslane(dot)net>
To: Merlin Moncure <merlin(dot)moncure(at)rcsonline(dot)com>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: Views, views, views: Summary of Arguments
Date: 2005-05-13 15:49:36
Message-ID: 4284CC90.7090407@dunslane.net
Lists: pgsql-hackers

Merlin Moncure wrote:

>I tried it from that angle and could only come up with two modes:
>'pgadmin on' and 'pgadmin off' (per user). If you can do better, I'd be
>thrilled. I also don't want to overblow my own argument...the database
>can be secured quite effectively if you know what to do. It would just
>be nice to have a little flexibility.
>
>I suppose a hardening script, internal or external to the project is a
>reasonable way of addressing my security concerns, if not superior.

My approach was to remove all significant permissions (including on the
catalog) from public and regrant them to a pseudopublic group,
comprising designated users. The designated users would notice no
difference at all, while everyone else would be able to see only what
was explicitly granted to them. But there would be lots of testing and
thinking to be done before releasing it into the wild :-)

cheers

andrew
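
The approach described in this message, sketched as an added example in present-day PostgreSQL syntax (it is not code from the message or from the PostgreSQL project). It moves exactly the privileges PUBLIC currently holds on the database, the `public` schema and the `pg_catalog` relations over to a group role, rather than granting blanket SELECT, so catalogs PUBLIC could never read stay unreadable. Assumptions: the role name `pseudopublic`, the users `alice` and `bob` and the database `appdb` are hypothetical, the script runs as a superuser, and default EXECUTE privileges on functions are left out of scope.

```sql
-- Added example; pseudopublic, alice, bob and appdb are hypothetical names.
BEGIN;

-- Group role that stands in for PUBLIC; it cannot log in itself.
CREATE ROLE pseudopublic NOLOGIN;
GRANT pseudopublic TO alice, bob;          -- the designated users

-- Database level: PUBLIC holds CONNECT and TEMPORARY by default.
REVOKE ALL ON DATABASE appdb FROM PUBLIC;
GRANT CONNECT, TEMPORARY ON DATABASE appdb TO pseudopublic;

-- Schema level: members keep lookup rights, everyone else loses them.
REVOKE ALL ON SCHEMA public FROM PUBLIC;
GRANT USAGE ON SCHEMA public TO pseudopublic;

-- Catalog level: move each privilege PUBLIC holds on a pg_catalog table
-- or view to pseudopublic. Regranting only what PUBLIC already had keeps
-- relations with no PUBLIC grant closed to the group as well.
DO $$
DECLARE
    r record;
BEGIN
    FOR r IN
        SELECT c.oid::regclass AS rel, a.privilege_type
        FROM pg_class c
        JOIN pg_namespace n ON n.oid = c.relnamespace
        CROSS JOIN LATERAL aclexplode(c.relacl) AS a
        WHERE n.nspname = 'pg_catalog'
          AND c.relkind IN ('r', 'v')
          AND a.grantee = 0                -- grantee 0 means PUBLIC
    LOOP
        EXECUTE format('GRANT %s ON %s TO pseudopublic',
                       r.privilege_type, r.rel);
        EXECUTE format('REVOKE %s ON %s FROM PUBLIC',
                       r.privilege_type, r.rel);
    END LOOP;
END
$$;

-- Check: this should return no rows once the loop has run.
SELECT c.relname, a.privilege_type
FROM pg_class c
JOIN pg_namespace n ON n.oid = c.relnamespace
CROSS JOIN LATERAL aclexplode(c.relacl) AS a
WHERE n.nspname = 'pg_catalog' AND a.grantee = 0;

COMMIT;
```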
