Обсуждение: security rights per database DDL/DML connect
I've been searching the web for a solution on this but no luck . I'm administering a webserver w/ PHP apps on . I had an idea to create an application database and give access to certain users to maintain the data within the database tables , but also I'd like to make sure only certain users are able to perform DDL commands. Or simply to revoke access for connecting to this db. I haven't found any clues. , any help is appreciated . many thanks, Gabor Faludi
On Tue, Oct 22, 2002 at 21:01:59 +0200, Gabor Faludi <falu@fits.hu> wrote: > I've been searching the web for a solution on this but no luck . > > I'm administering a webserver w/ PHP apps on . I had an idea to create an > application database and give access to certain users to maintain the data > within the database tables , but also I'd like to make sure only certain > users are able to perform DDL commands. Or simply to revoke access for > connecting to this db. In 7.3 you can get a pretty good handle on this. The database owner can restrict who can create schemas and schema owners can control who can create objects in that schema.
On Tue, 22 Oct 2002, Bruno Wolff III wrote: > In 7.3 you can get a pretty good handle on this. The database owner can > restrict who can create schemas and schema owners can control who can > create objects in that schema. Will I be able to give people the right to execute a function, but not view it?
Dan Langille <dan@langille.org> writes:
> Will I be able to give people the right to execute a function, but not
> view it?
Write it in C. Short of that, you're asking for unenforceable
restrictions on the ability to read pg_proc.
regards, tom lane
On Wed, 23 Oct 2002, Tom Lane wrote: > Dan Langille <dan@langille.org> writes: > > Will I be able to give people the right to execute a function, but not > > view it? > > Write it in C. Short of that, you're asking for unenforceable > restrictions on the ability to read pg_proc. I like that approach. Given that the existing functions are written in plpgsql, is there a good guide to converting to C?
anyone here know what's the hash functions used in pgsql? -- Rafael