Hi,
> > 2.Why the authentication system is not integrated
> in
> > the system databases of pgSQL,like in MySQL for
> > example?
>
> Because there's a bootstrapping problem: You would
> have to connect to the
> database to change the authentication settings, but
> in order to connect
> you have to be authenticated.
>
I Can't pealize the problem, First you have to use the
authentication settings made before to connect and
modify them and they will take effect on the next
connection. For example when you connect to UNIX
machine AAA via telnet from host BBB and modify
hostst.deny and hosts.allow of AAA in order to deny
connnections from BBB. In this case all connections
from BBB will not be terminated but new ones will not
be accepted.
> > 3.Are there any plans in making security system
> more
> > flexible?
>
> Sure. I'm planning some work on that very soon. Any
> suggestions you might
> want to contribute?
>
Here are some points of interest for me.
1. To allow or deny to user to create tables views
and etc. This could be done with CREATE privilege.I
know there is a work on this.
2. To allow or deny to users to grant the privileges
they have to others. For example:
"GRANT ALL ON mytable TO someuser WITH GRANT OPTION;"
3. Is there any way to allow or deny executing the
procedures? I think pgSQL needs something like:
"GRANT EXECUTE ON someprocedure to SOMEUSER;
4. To allow or deny some users to connect to some
databases just by modyfying the system database using
SQL queries.(This is connected with the integration
of the authentication system in the pgSQL system
databases).according to me the method used now is
somewhat clumsy and old-fasioned.
Best regards:
Rumen
__________________________________________________
Do You Yahoo!?
Send instant messages & get email alerts with Yahoo! Messenger.
http://im.yahoo.com/