From: | Ries van Twisk <pg(at)rvt(dot)dds(dot)nl> |
---|---|
To: | "Gauthier, Dave" <dave(dot)gauthier(at)intel(dot)com> |
Cc: | "pgsql-general(at)postgresql(dot)org" <pgsql-general(at)postgresql(dot)org> |
Subject: | Re: column level, uid based authorization to update columns |
Date: | 2009-09-03 17:25:01 |
Message-ID: | 8D3E077A-BE8B-4DCF-9325-55F8D46E5F57@rvt.dds.nl |
Lists: | pgsql-general |
On Sep 3, 2009, at 12:17 PM, Gauthier, Dave wrote:
> In linux, given the linux based uid of the user, how might someone
> implement column level update restrictions on a uid basis? For
> example...
>
> create table foo (strcol varchar(256), intcol integer);
>
> Now, I want linux processes running under uid “joesmith” to be able
> to update strcol but not intcol. Some other user could update
> intcol but not strcol. Others could update both, others neither.
> I’m also willing to give you a table that maps all uids to the
> columns they can update, something you could ref in a constraint or
> update trigger or something. So that might be something like...
>
> create table foo_auth (uid varchar(256), cols text[]);
> insert into foo_auth (uid,cols) values ('joesmith','{strcol}');
> insert into foo_auth (uid,cols) values ('jillbrown','{intcol}');
> insert into foo_auth (uid,cols) values ('thedba','{strcol,intcol}');
>
> Thanks in Advance !
>
http://wiki.postgresql.org/wiki/SEPostgreSQL
Ries
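
One way to enforce the foo_auth mapping from the question with an update trigger, added here as an example and not taken from the thread or from SEPostgreSQL. It assumes each Linux user connects as a database role of the same name (for example through ident authentication); the function and trigger names are hypothetical.

```sql
-- Added example. Assumption: the OS uid equals the database login role,
-- so session_user can be matched against foo_auth.uid.
CREATE TABLE foo (strcol varchar(256), intcol integer);
CREATE TABLE foo_auth (uid varchar(256) PRIMARY KEY, cols text[] NOT NULL);
INSERT INTO foo_auth (uid, cols) VALUES
    ('joesmith',  '{strcol}'),
    ('jillbrown', '{intcol}'),
    ('thedba',    '{strcol,intcol}');

-- Ordinary roles must not be able to read or edit their own permissions.
REVOKE ALL ON foo_auth FROM PUBLIC;

-- Hypothetical function name. SECURITY DEFINER lets the check read foo_auth
-- with the owner's rights; the pinned search_path keeps callers from
-- substituting their own foo_auth.
CREATE OR REPLACE FUNCTION foo_check_column_auth() RETURNS trigger AS $$
DECLARE
    allowed text[];
    changed text[] := '{}';
BEGIN
    -- session_user is the login role; current_user would be the function
    -- owner here and can also be changed with SET ROLE.
    SELECT cols INTO allowed FROM foo_auth WHERE uid = session_user::text;
    IF NOT FOUND THEN
        allowed := '{}';   -- unknown uid: no columns (avoids a NULL comparison)
    END IF;

    -- IS DISTINCT FROM treats NULL -> value as a change, unlike <>.
    IF NEW.strcol IS DISTINCT FROM OLD.strcol THEN
        changed := changed || 'strcol'::text;
    END IF;
    IF NEW.intcol IS DISTINCT FROM OLD.intcol THEN
        changed := changed || 'intcol'::text;
    END IF;

    IF NOT (changed <@ allowed) THEN
        RAISE EXCEPTION 'role % may not update column(s) % of foo',
            session_user, changed;
    END IF;
    RETURN NEW;
END;
$$ LANGUAGE plpgsql SECURITY DEFINER SET search_path = public, pg_temp;

CREATE TRIGGER foo_column_auth
    BEFORE UPDATE ON foo
    FOR EACH ROW EXECUTE PROCEDURE foo_check_column_auth();
```

The table owner and superusers can still disable the trigger, so application roles should hold only UPDATE on foo. Where the rules are fixed per role, PostgreSQL 8.4 and later also support column privileges directly, for example `GRANT UPDATE (strcol) ON foo TO joesmith;`.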