Re: restricting non superuser from accessing other
От | Oliver Elphick |
---|---|
Тема | Re: restricting non superuser from accessing other |
Дата | |
Msg-id | 1094566548.12019.41.camel@linda обсуждение исходный текст |
Ответ на | Re: restricting non superuser from accessing other databases (David Garamond <lists@zara.6.isreserved.com>) |
Ответы |
Re: restricting non superuser from accessing other
|
Список | pgsql-general |
On Tue, 2004-09-07 at 14:35, David Garamond wrote: > Oliver Elphick wrote: > >>I am setting up a single PostgreSQL installation to be used by several > >>users. Can I restrict a database user from connecting and creating > >>objects in other databases but his/her own? So far I can only restrict a > >>user from creating more databases or users. > >> > >>(Yes, I have set up a proper pg_hba.conf, but once a user is connected, > >>he can switch to another database, e.g. with "\c otherdb" in psql). > > > > Not unless pg_hba.conf allows it. You could set up explicit > > database/user combinations there. > > Thanks! So I must modify and kill -HUP postmaster everytime a new db is > added. Is there something like this in pg_hba.conf? > > local owndb all md5 > > where "owndb" means only allow a user to connect only to db he/she owns. No. You would have to have: local his_db that_user md5 for each user/database combination. There is an option db_user_namespace in postgresql.conf, which is normally off. See http://www.postgresql.org/docs/7.4/interactive/runtime-config.html under section 16.4.1. I haven't ever used this facility. -- Oliver Elphick olly@lfix.co.uk Isle of Wight http://www.lfix.co.uk/oliver GPG: 1024D/A54310EA 92C8 39E7 280E 3631 3F0E 1EC0 5664 7A2F A543 10EA ======================================== "For whosoever shall call upon the name of the Lord shall be saved." Romans 10:13
В списке pgsql-general по дате отправления: