--- Peter Eisentraut <e99re41@DoCS.UU.SE> wrote:
> On Mon, 19 Jun 2000, R D wrote:
>
> > Hi,I need a secondary passwd files because I do
> not
> > know another way to manage user access to DBs.
>
> That's what I thought.
>
> > If there was a pg_shadow in every DB replacing
> external passwd file,
>
> Hmm, that would be in semi-violation of SQL, since
> users are supposed to
> be global. We've been thinking about making
> per-database *passwords* for
> each user, but I don't think this buys a lot.
>
> > Or maybe it would be better and more reasonable to
> use a table in
> > every database with the list of users who can
> access the database and
> > their privileges on it.
>
> That could be a problem. Assume you delete all users
> from that table. How
> do you get back in and add any? But something like
> this is clearly needed,
> it just can't be in the database -- probably
> pg_hba.conf.
>
Ok, But why it should be outside the DBs?!? I think
that all user information should be stored comletely
inside or completely outside. Any other way of doing
this is not reasnonable(put politely). All this
information could be stored in some system table like
users ;). It's stupid to create user two times, once
in database, once in pg_hba.conf or whereever else.
What do you think? Am I right?
Rumen
p.s. Btw what will happen if U delete all users from
pg_user? :)
__________________________________________________
Do You Yahoo!?
Send instant messages with Yahoo! Messenger.
http://im.yahoo.com/