I think there's one possible solution, though I haven't fully tried it and
the administration can become rather bothersome and even complicated, but
here goes.
I did some testing by modifying the pg_hba.conf file, specifying which
database may be access from which IP address, and it worked, though I
haven't done any serious testing.
The reason this might work for me is that I don't have that many users to
connect directly to the database, instead I use a common user account,
which, in a multi-tier scheme, makes the connection from an App-server
(the App-server makes a remote connection to my pg-server), so I know
there's only one machine (besides mine), that would be connecting to the
database.
As I said before:
1.- If you have several connections from diferent machines this method
could become rather complicated, but it's an idea.
2.- I haven't fully tested it.
Hope this helps.
Alfonso Peniche
Markus Wigge wrote:
> Hi PG-Admins,
>
> I think this question is asked more often than you'd like it to be
> so excuse me ...
> Is there any possibility to restrict database-access user based?
> When I create a user without the permission to create databases this
> user has access to all available databases on the system. He can
> create and drop database objects but cannot manipulate objects owned
> by other users.
>
> I don't really like this situation and I want to give exclusive right
> to databases so that just the owner of it can create and drop
> things.
>
> --
> bye,
> Markus mailto:markus@cultcom.de