| From: | Jon August <jon(at)internection(dot)com> |
|---|---|
| To: | Chris Ruprecht <chrup999(at)yahoo(dot)com> |
| Cc: | PostGreSQL Admin Group <pgsql-admin(at)postgresql(dot)org> |
| Subject: | Re: user to database restriction? |
| Date: | 2002-02-11 00:22:34 |
| Message-ID: | Pine.LNX.4.21.0202101913530.6312-100000@www.internection.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
That seems like a lot of work. . . and could become easily outdated. No?
How about in pg_hba.conf? There's no way to say only user xyz can connect
to database abc?
I tried something like this in my pg_hba.conf, but now nobody can connect
to it.
local all password postgres
host all xxx.xxx.xxx.xxx 255.255.255.255 password postgres
local shopdb password mark
host shopdb xxx.xxx.xxx.xxx 255.255.255.255 password mark
I was hoping this config would permit user "postgres" to connect to any
database, but limit user "mark" to shopdb.
Maybe I'm missing something, but isn't this a serious security problem for
postgres installations used by many people - like in an ISP environment?
-Jon
On Sun, 10 Feb 2002, Chris Ruprecht wrote:
> Jon,
>
> the only way I can think of doing this is by revoking the user's
> rights to the tables of the databases they have no business in.
>
> I know this is not exactly the answer you're looking for ...
>
> Best regards,
> Chris
>
> At 17:54 -0500 02/10/2002, Jon August wrote:
> >Can I restrict a user to a single database? It seems like any user can
> >connect to any database. . .
> >
> > -Jon
> >
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2002-02-11 00:35:44 | Re: restore whoes |
| Previous Message | Chris Ruprecht | 2002-02-11 00:14:03 | Re: Re-nameing a database? |