| From: | thhal at mailblocks(dot)com (Thomas Hallgren) |
|---|---|
| To: | |
| Subject: | [Pljava-dev] Re: PL Java Security (sqlj / owner postgres) |
| Date: | 2005-02-06 18:34:17 |
| Message-ID: | thhal-0rvvhAnsHxicVXA4ct4CXP2LxR71l4D@mailblocks.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pljava-dev |
Ing. Filip Hrbek wrote:
>
> > Filip,
> > > SQLJ Schema security:
> > > -----------------------------------
> > > The SQLJ schema is authorized to user postgres.
> > >
> > Why? In my installation, I don\'t have a postgres user. Is
> \"postgres\" a
> > non-superuser in your setup?
>
> Yes, you are right. There is no reason to have a \"postgres\" user. I
> am just used to have it as a default (and the only) superuser.
>
> I wrote the \"checkIfConnectedAsSuperuser\" method in the source (I
> can see it already in CVS :-), this check should be sufficient. The
> SQLJ schema and its object can be owned by another supersuser who is
> deploying pl/Java, not only by the default \"postgres\" user. The only
> important thing is that the SQLJ objects owner has the superuser flag
> \"on\".
Ok, great. I removed the use of "postgres" user. I also added so that
only user that have CREATE permissions on a schema can do set_classpath
on that schema. I added a note about security inthe userguide.html.
- thomas
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Thomas Hallgren | 2005-02-07 20:14:50 | [Pljava-dev] ANN: PLJava 1.0.1 released |
| Previous Message | Ing. Filip Hrbek | 2005-02-06 16:18:44 | [Pljava-dev] Re: PL Java Security (sqlj / owner postgres) |