| From: | Jim Nasby <Jim(dot)Nasby(at)BlueTreble(dot)com> |
|---|---|
| To: | Greg Fodor <gfodor(at)gmail(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Privileges on public schema can't be revoked? |
| Date: | 2016-09-07 22:55:47 |
| Message-ID: | 7b9bbe51-6b6d-dd34-77be-a4043c36d323@BlueTreble.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 9/6/16 3:16 PM, Greg Fodor wrote:
> It seems that functionality that lets a superuser quickly audit the
> privileges for a user (including those granted via PUBLIC) would be
> really helpful for diagnosing cases where that user can do something
> they shouldn't be allowed to.
That's actually relatively easy to do today; see the has_*_privilege()
functions.
You might also find http://pgxn.org/dist/pg_acl useful.
--
Jim Nasby, Data Architect, Blue Treble Consulting, Austin TX
Experts in Analytics, Data Architecture and PostgreSQL
Data in Trouble? Get it in Treble! http://BlueTreble.com
855-TREBLE2 (855-873-2532) mobile: 512-569-9461
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jim Nasby | 2016-09-07 23:00:59 | Re: 2.5TB Migration from SATA to SSD disks - PostgreSQL 9.2 |
| Previous Message | Patrick B | 2016-09-07 22:55:45 | Re: Postgres UPGRADE from 9.2 to 9.4 |