From: | Sim Zacks <sim(at)compulab(dot)co(dot)il> |
---|---|
To: | Willy-Bas Loos <willybas(at)gmail(dot)com> |
Cc: | pgsql-general(at)postgresql(dot)org |
Subject: | Re: create a limited user in Postgre |
Date: | 2008-01-22 08:00:33 |
Message-ID: | 4795A2A1.2050606@compulab.co.il |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
That's because the definitions of the functions are not stored in the
schema.
functions are stored in the pg_catalog schema in the pg_proc table and
views are accessible via the multiple pg_get_viewdef functions in the
same schema.
If you block access to that table and fucntion then pgadmin would not be
able to show the function or view definition.
However, as long as the user has access to a backup, they have access to
all the definitions, no matter what you do.
Sim
-------- Original Message --------
Subject: [GENERAL] create a limited user in Postgre
From: Willy-Bas Loos <willybas(at)gmail(dot)com>
To: Sim Zacks <sim(at)compulab(dot)co(dot)il>
Date: Tuesday, January 22, 2008 09:53:13 AM
> >and another that only could make queries and could not see nor
> >modify the functions.
> Up until 8.1 it is possible to see all the functions (plpgsql code) in
> pgAdmin, even if you don't have access rights to the schema.
> I'm not sure how this is in 8.2 or 8.3?
>
> WBL
>
> On Jan 22, 2008 7:02 AM, Sim Zacks <sim(at)compulab(dot)co(dot)il
> <mailto:sim(at)compulab(dot)co(dot)il>> wrote:
>
> That's not very open-source of you. LOL.
>
> Aside from database permission issues, which are not a problem,
> you would also
> have to not give them superuser access to their own database
> server (something
> that a lot of companies will not be happy with). Especially if
> they want to the
> possibility of other databases on the server. You would also have
> to prevent
> them from holding onto the backups, something that most companies
> would not
> tolerate at all.
>
> sim
>
>
>
> Guillermo Arias wrote:
> > Hi, i have a question:
> >
> > I have a database and i want to create a administrator user with
> total
> > control and another that only could make queries and could not
> see nor
> > modify the functions.
> >
> > The reason is that in the database that i will distribute are the
> > functions with a big part of the software logics and i do not want
> > these to be seen by my customers.
> >
> > Thanks in advance, Guillermo
>
> ---------------------------(end of
> broadcast)---------------------------
> TIP 1: if posting/reading through Usenet, please send an appropriate
> subscribe-nomail command to majordomo(at)postgresql(dot)org
> <mailto:majordomo(at)postgresql(dot)org> so that your
> message can get through to the mailing list cleanly
>
>
From | Date | Subject | |
---|---|---|---|
Next Message | Albe Laurenz | 2008-01-22 08:04:35 | Re: Views and permissions |
Previous Message | Willy-Bas Loos | 2008-01-22 07:53:13 | Re: create a limited user in Postgre |