From: | Michael Orlitzky <michael(at)orlitzky(dot)com> |
---|---|
To: | pgsql-general(at)postgresql(dot)org |
Subject: | Re: (Default) Group permissions |
Date: | 2013-07-01 13:34:24 |
Message-ID: | 51D18560.50603@orlitzky.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
On 06/30/2013 09:56 PM, Andrew Sullivan wrote:
> On Sun, Jun 30, 2013 at 09:31:18PM -0400, Michael Orlitzky wrote:
>> (why do I get the feeling nobody is going to check out the repo):
>
> Probably because you're asking random strangers on the Internet to
> help you solve their problems, and many of such strangers have other
> things to do than go somewhere else to learn about your problems.
>
It's a link to a README file. You certainly don't have to clone the repo
and run the scripts.
>> # Admins can do anything.
>
> You've been able to create this situation with the superuser flag for
> as long as I can remember (I started with Postgres in the 6.5.x era,
> but I won't claim my memory goes back that far).
>
I'm not giving root to people who don't need it. They need to be able to
read/write any database.
>> # The customer's developers can access their own projects.
>
> Surely this is the "create a database per user" issue. Give each dev
> user a ROLE that is the same as the owner of the database. This has
> been available for many releases.
>
>> # The anonymous user can only read things.
>
> Create a role that can read anything (in a database? In all
> databases? You don't say) and GRANT that automatically to these anon
> users. This has been possible for ages.
>
In one database. The example.com user should be able to read the
example.com database. If you can come up with a way to grant permissions
automatically, I'd like to hear it. You can do it for a user but not for
a group, which is the whole problem I'm trying to describe.
>> This will work for eternity, and is perfectly secure.
>
> It is not even remotely "perfectly" secure. It has truck-sized holes.
I defined a set of requirements, and these permissions exactly meet them
without granting anyone access that they don't need. That's what I want.
I'm not going to argue over the meaning of "secure."
From | Date | Subject | |
---|---|---|---|
Next Message | Michael Orlitzky | 2013-07-01 13:49:14 | Re: (Default) Group permissions |
Previous Message | Albe Laurenz | 2013-07-01 11:36:49 | Re: Postgres case insensitive searches |