Hello All,
We are developing an application that will allow our websites to talk to our
database.
In the interest of security, I am wondering if it is possible to turn off some
of the functions in the SQL command list such that a user can only communicate
to the database through our functions.
What I mean is this. We have built a number of "C" extensions and PL/pgSQL
proceedures that will work on our database, but I only want to allow an outside
query to only one or two of our selected entry points.
The webserver interface query statement might, for example, be able to only
call "select register_user(.......)" or "select login_user(....)" and NONE of
the other PostgreSQL command functions.
I only want to allow access to these functions from the outside world, but the
server needs to be able to execute all of the original functions without
restrictions.
Any information on this would be greatly appreciated,
Lonnie
__________________________________________________
Do You Yahoo!?
Yahoo! Auctions - buy the things you want at great prices
http://auctions.yahoo.com/