| From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
|---|---|
| To: | Thom Brown <thombrown(at)gmail(dot)com> |
| Cc: | Glyn Astill <glynastill(at)yahoo(dot)co(dot)uk>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Feature request: permissions change history for auditing |
| Date: | 2009-11-30 14:00:01 |
| Message-ID: | 4B13CFE1.2060602@dunslane.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Thom Brown wrote:
> 2009/11/30 Glyn Astill <glynastill(at)yahoo(dot)co(dot)uk
> <mailto:glynastill(at)yahoo(dot)co(dot)uk>>
>
> --- On Mon, 30/11/09, Thom Brown <thombrown(at)gmail(dot)com
> <mailto:thombrown(at)gmail(dot)com>> wrote:
>
> > As far as I am aware, there is no way to tell when a
> > user/role was granted permissions or had permissions
> > revoked, or who made these changes. I'm wondering if
> > it would be useful for security auditing to maintain a
> > history of permissions changes only accessible to
> > superusers?
>
> I'd have thought you could keep track of this in the logs by
> setting log_statement >= ddl ?
>
> I'm pretty sure this is a feature that's not wanted, but the
> ability to add triggers to these sorts of events would surely make
> more sense than a specific auditing capability.
>
>
> I concede your suggestion of the ddl log output. I guess that could
> then be filtered to obtain the necessary information.
>
>
This could probably be defeated by making the permissions changes in a
stored function. Or even a DO block, I suspect, unless you had
log_statement = all set.
I do agree with Glyn, though, that making provision for auditing one
particular event is not desirable.
cheers
andrew
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2009-11-30 14:03:21 | Re: Patch: Remove gcc dependency in definition of inline functions |
| Previous Message | Thom Brown | 2009-11-30 13:46:00 | Re: Feature request: permissions change history for auditing |