Re: All users can enter as one user "puser" without
| От | Andrew G. Hammond |
|---|---|
| Тема | Re: All users can enter as one user "puser" without |
| Дата | |
| Msg-id | 1008579564.722.1.camel@xyzzy обсуждение исходный текст |
| Ответ на | All users can enter as one user "puser" without superuser priviledges: how? (Jameson Burt <jameson@mnsinc.com>) |
| Список | pgsql-admin |
On Mon, 2001-12-17 at 01:42, Jameson Burt wrote: > I seek a simplistic access, > > 1. superuser "postgres" gets access when his system-name is "postgres", > but not otherwise [some security sought]. > This can be done in pg_hba.conf with either > local all peer sameuser > local all trust #but anyone then gets "postges" access. > > 2. One other user, say "puser", gets access whatever his system-name. > The above > local all peer sameuser > disallows an arbitrary username entering as "psql template1 -U puser". > One can use > host all 127.0.0.1 255.0.0.0 ident jimsmap > then have pg_ident.conf with 1000 user entries like > jimsmap jameson puser > However, I seek a simpler method for numerous users, > each of whom will be granted access as user "puser". > ANY IDEAS? Have each user log in from the same UNIX account. Instead of trying to make all users into one user, which is almost never a good idea, why not just use the PUBLIC concept in the database's access control system? Give each user their own userid, and GRANT necessary access to PUBLIC. -- Andrew G. Hammond mailto:drew@xyzzy.dhs.org http://xyzzy.dhs.org/~drew/ 56 2A 54 EF 19 C0 3B 43 72 69 5B E3 69 5B A1 1F 613-389-5481 5CD3 62B0 254B DEB1 86E0 8959 093E F70A B457 84B1 "To blow recursion you must first blow recur" -- me
Вложения
В списке pgsql-admin по дате отправления: