| From: | "James B(dot) Byrne" <byrnejb(at)harte-lyne(dot)ca> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | OT DBA type question - GRANT PRIVILEDGE |
| Date: | 2011-12-08 21:46:39 |
| Message-ID: | 46919.216.185.71.25.1323380799.squirrel@webmail.harte-lyne.ca |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Do many of you implement fine grained security provisions
at the DBMS level using GRANT PRIVILEGE ON object TO
user/role? My background with DBMS security is mostly in
CODASYL shallow network systems where user level access
control to datasets and fields was mainly a matter for the
application and / or operating system. Therefor the
number of user ids known to the DBMS was minimal.
The topic of RDBMS security has arisen in a discussion
and, lacking evidence of my own, I am curious to discover
just how frequently DBMS userids tied to specific
individuals are used in production RDBMS based systems. I
am also curious to know how often VIEWS are tied to
individual user IDs known to the DBMS rather than to
shared user IDs known only to an application through a
configuration file.
This is not really a PG specific question so if anyone
wishes to reply privately rather than to the list that is
fine with me.
Thanks,
--
*** E-Mail is NOT a SECURE channel ***
James B. Byrne mailto:ByrneJB(at)Harte-Lyne(dot)ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Scott Mead | 2011-12-08 21:57:58 | Re: Database system identifier via SELECT? |
| Previous Message | Chris Deadlock | 2011-12-08 21:40:08 | Question regarding authentication/login |