Discussion: Re: help with pg_hba.conf


Re: help with pg_hba.conf

From
Isaac Dover
Date:
possibly this answers my question, and what i am doing is indeed the most appropriate?

"Databases are physically separated and access control is managed at the connection level."

from 8.3 docs, section 20.1

thanks,
Isaac

On Fri, May 22, 2009 at 2:37 AM, Isaac Dover <isaacdover@gmail.com> wrote:
Hello, to this point i've been working with pg_hba.conf authentication defaults as installed with PostgreSQL 8.3. I'm trying to better understand "best practice" for managing connections to databases (I've grown accustomed to the MSSQL EM method of assigning user privileges). As far as i can tell, pg_hba.conf is the only manner in which to prevent users from connecting to other users' databases. I've restricted roles to connecting only using sameuser:
 
host sameuser all 192.168.168.0/24 md5
 
this works fine until a user connects and creates a new database. Pg shows that the owner of the database is the currently connected user, but the user can't connect to it, as the hba.conf file has the sameuser restriction. I was hoping that (somehow, magically) the owner of the database could always connect to the databases he/she owns.
 
Is hba.conf the only way to restrict users connections to specific databases? Are there privileges I can grant without having to maintain this file?
 
I've spent quite some time researching this, even with the documentation, but I'm wondering what I'm missing.
 
Thanks,
Isaac

Re: help with pg_hba.conf

From
Tom Lane
Date:
Isaac Dover <isaacdover@gmail.com> writes:
>> As far as i can tell,
>> pg_hba.conf is the only manner in which to prevent users from connecting to
>> other users' databases. I've restricted roles to connecting only using
>> sameuser:
>> 
>> host sameuser all 192.168.168.0/24 md5

In recent releases (certainly 8.3) the better approach is probably to
use CONNECT privilege to grant or deny access.  However that does have
some drawbacks if you intend to let users create their own databases
--- they have to remember to set the privileges properly on new DBs.
        regards, tom lane


Re: help with pg_hba.conf

From
Isaac Dover
Date:
thank you _SO_ much. I'm not sure how I overlooked that, but it is far easier to manage using connect. I'm assuming that even if tables have public privileges granted, that they are not visible to people not granted connect privileges to the database?

Thanks,
Isaac

On Fri, May 22, 2009 at 12:31 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> Isaac Dover <isaacdover@gmail.com> writes:
> >> As far as i can tell,
> >> pg_hba.conf is the only manner in which to prevent users from connecting to
> >> other users' databases. I've restricted roles to connecting only using
> >> sameuser:
> >>
> >> host sameuser all 192.168.168.0/24 md5
>
> In recent releases (certainly 8.3) the better approach is probably to
> use CONNECT privilege to grant or deny access.  However that does have
> some drawbacks if you intend to let users create their own databases
> --- they have to remember to set the privileges properly on new DBs.
>
>                         regards, tom lane

Re: help with pg_hba.conf

From
Tom Lane
Date:
Isaac Dover <isaacdover@gmail.com> writes:
> thank you _SO_ much. I'm not sure how I overlooked that, but it is far
> easier to manage using connect. I'm assuming that even if tables have public
> privileges granted, that they are not visible to people not granted connect
> privileges to the database?

Right, if you can't get into the database then the permissions of
objects within it don't matter...
        regards, tom lane
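The following is an added worked example, not part of the thread and not PostgreSQL project code. It puts Tom Lane's two answers into runnable SQL: replacing the pg_hba.conf "sameuser" rule with per-database CONNECT privileges, checking who may connect with has_database_privilege(), showing the drawback he mentions (a user-created database starts with CONNECT granted to PUBLIC and must be locked down by its owner), and confirming his last point that object-level grants inside a database are unreachable without CONNECT. The role names (alice, bob), database names (alice_db, alice_scratch), the table name and the passwords are constructed for illustration; the pg_hba.conf line shown in the comment is an assumption about how the original rule would be relaxed.

```sql
-- Added example (not from the thread). Run as a superuser, e.g. in psql.
-- Role, database and table names here are constructed for illustration.

-- Assumed pg_hba.conf replacement for the thread's "sameuser" rule:
--   host  all  all  192.168.168.0/24  md5
-- With "all" in the database column, pg_hba.conf only authenticates the
-- client; which databases a role may enter is now decided by CONNECT privilege.

CREATE ROLE alice LOGIN CREATEDB PASSWORD 'placeholder-password';
CREATE ROLE bob   LOGIN          PASSWORD 'placeholder-password';

CREATE DATABASE alice_db OWNER alice;

-- Every new database starts with CONNECT granted to PUBLIC, so any
-- authenticated role could enter it. Revoke that, then grant explicitly.
-- (The owner, alice, holds CONNECT implicitly; the GRANT below is what
-- you would use to admit additional roles.)
REVOKE CONNECT ON DATABASE alice_db FROM PUBLIC;
GRANT  CONNECT ON DATABASE alice_db TO alice;

-- Check the result without trying a login from each role.
SELECT rolname,
       has_database_privilege(rolname, 'alice_db', 'CONNECT') AS can_connect
FROM   pg_roles
WHERE  rolname IN ('alice', 'bob')
ORDER  BY rolname;
-- alice | t
-- bob   | f

-- The drawback Tom mentions: a database alice creates herself also starts
-- with the PUBLIC CONNECT grant, so she has to repeat the REVOKE each time.
-- Run as alice (after connecting to a database she is allowed to enter):
--   CREATE DATABASE alice_scratch;
--   REVOKE CONNECT ON DATABASE alice_scratch FROM PUBLIC;

-- Tom's last point: a table granted to PUBLIC inside alice_db is still out
-- of bob's reach, because the CONNECT check happens at connection time,
-- before any object privilege is consulted.
-- As alice, connected to alice_db:
--   CREATE TABLE notes (id int);
--   GRANT SELECT ON notes TO PUBLIC;
-- As bob, attempting to connect to alice_db:
--   FATAL:  permission denied for database "alice_db"
--   DETAIL:  User does not have CONNECT privilege.
```

The has_database_privilege() query is the useful operational check: run it against every role in pg_roles for each database after a REVOKE to confirm nothing is still reachable through PUBLIC, and repeat it whenever a user with CREATEDB adds a database, since that is exactly the case where the default PUBLIC grant silently reappears.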