Re: Allowing usernames in pg_hba.conf
| От | Peter Eisentraut |
|---|---|
| Тема | Re: Allowing usernames in pg_hba.conf |
| Дата | |
| Msg-id | Pine.LNX.4.30.0203112250280.690-100000@peter.localdomain обсуждение исходный текст |
| Ответ на | Re: Allowing usernames in pg_hba.conf ("Dominic J. Eidson" <sauron@the-infinite.org>) |
| Список | pgsql-hackers |
Dominic J. Eidson writes: > I'd started a long-ish post about how pgsql should have a proper > permission model for user-to-database access - when someone pointed me to > the following url, which I'd like to bring to everybody's attention: > > http://candle.pha.pa.us/cgi-bin/pgtodo?privileges > > Is this something PeterE's still looking at doing for 7.(I guess 3, now?) I guess the implementation ideas have changes a little, but the code has been generalized enough so that you can add privileges on almost anything. Function and language privleges are available in the 7.3 branch. Those are the ones most people wanted. I guess you could add privileges to databases, too. But I'm wary about keeping the connection permissions in the database because you can easily lock yourself out that way. However, there are plenty of other ways you can lock yourself out and in most cases you can start a standalone backend to fix the situation. So may that would be a possibility. -- Peter Eisentraut peter_e@gmx.net
В списке pgsql-hackers по дате отправления: