Re: REVOKE on ALTER USER, DROP USER

От: Tom Lane
Тема: Re: REVOKE on ALTER USER, DROP USER
Дата: ,
Msg-id: 752.1183911778@sss.pgh.pa.us
(см: обсуждение, исходный текст)
Ответ на: REVOKE on ALTER USER, DROP USER  (Tjibbe)
Список: pgsql-novice

Скрыть дерево обсуждения

REVOKE on ALTER USER, DROP USER  (Tjibbe, )
 Re: REVOKE on ALTER USER, DROP USER  (Tom Lane, )
 Re: REVOKE on ALTER USER, DROP USER  (Tjibbe, )
 Re: REVOKE on ALTER USER, DROP USER  (Tjibbe, )

Tjibbe <> writes:
> Hello, Is het possible tot REVOKE the ALTER USER command? In such a way tha=
> t users cannot change their password and username? And also cannot delete t=
> hemeself with DROP USER?

Ordinary users (those without superuser or createrole privilege) can't
do any of that except change their own password ... and I don't see a
particularly good argument for preventing them from doing that.

> Now I solve the problem in PHP, to filter de SQL query string behore sendin=
> g to postgresql as follows:

If you're allowing untrusted sources to provide chunks of SQL to be
executed directly, you've got problems far worse than this one.

            regards, tom lane


В списке pgsql-novice по дате сообщения:

От: Tjibbe
Дата:
Сообщение: Re: REVOKE on ALTER USER, DROP USER
От:
Дата:
Сообщение: Windows XP Install Problem