| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | elwood(at)agouros(dot)de (Konstantinos Agouros) |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: General Security-Question |
| Date: | 2001-06-18 21:19:23 |
| Message-ID: | 8654.992899163@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
elwood(at)agouros(dot)de (Konstantinos Agouros) writes:
> Since I must grant update/insert/delete access to this table to everybody
> that can use this application, how can I stop people from updating the data
> of the others.
Triggers that compare current_user to the userid column of the table,
perhaps?
You might well be better off with the other solution (one database
userid, enforce restrictions in application), however. If most of the
people involved here have no reason to be accessing the database for
other purposes, I'd be inclined not to set up a database userid for each
of them.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Joel Burton | 2001-06-18 22:19:52 | Re: Add primary and unique keys |
| Previous Message | Doug McNaught | 2001-06-18 21:10:28 | Re: General Security-Question |