Обсуждение: Re: Re: grant privileges to a database [URGENT]

Поиск
Список
Период
Сортировка

Re: Re: grant privileges to a database [URGENT]

От
"Martin A. Marques"
Дата:
El Mié 31 Ene 2001 21:32, Mike Miller escribió:
> MySQL has this feature.  I run a multi-user system and require shared MySQL
> And PostgreSQL dbs.  I have mysql fine.  Users have their DBs and can only
> access their DBs... but theres no real way to do this in Postgres.  I can
> restrict tables, but I can still create tables in other poeples DBs.  Maybe
> only allowed to acess DBs you create or are assigned permission to

This is what I'm talking about (sort of) and I find it a handy thing that
informix has since at least 1995.
Lets say I have a database server and I create databases for diferent groups
of people to populate. Thtas what grant dba would be usefull for.

Saludos... :-)

--
System Administration: It's a dirty job,
but someone told I had to do it.
-----------------------------------------------------------------
Martín Marqués            email:     martin@math.unl.edu.ar
Santa Fe - Argentina        http://math.unl.edu.ar/~martin/
Administrador de sistemas en math.unl.edu.ar
-----------------------------------------------------------------

Re: Re: Re: grant privileges to a database [URGENT]

От
Dave Mertens
Дата:
On Wed, Jan 31, 2001 at 07:18:12PM -0300, Martin A. Marques wrote:
> El Mié 31 Ene 2001 18:32, Dan Wilson escribió:
> > GRANT ALL ON table1, table2, table3, view1, view2, sequence1, sequence2 TO
> > user
> The problem is that this is not what I'm looking for. I want the user to be 
> able to create new tables, views, sequences, etc on that database.

This is nbow what people call security. Normaly only the dba (database administrator)
is allowed to create tables. But everyone can create tables, views and
sequences. The objects are than only accessible to that user. The user who
created the table has also set the security on that object.

I large company where i work, developers arent allowed to create objects on
the database, this because developers make way to soon objects or change
current tables, so the whole application doesn't work anymore. We have an
user 'postgres'. Only 4 people (there are working 72 people here) have the
ssh-key to login as postgres on the database. User postgres is the owner of
all the objects in every database. User postgres give the proper security
settings for each remote user (normaly websites, applications, etc).

I now, i looks bad, but it's really a good thing

Dave Mertens
Unix System Administrator