Skip site navigation (1) Skip section navigation (2)

Re: Granting permission on a sequence to a group

From: tövis <tovises(at)freemail(dot)hu>
To: "pgsql novice" <pgsql-novice(at)postgresql(dot)org>,"Walker, Jed S" <Jed_Walker(at)cable(dot)comcast(dot)com>
Subject: Re: Granting permission on a sequence to a group
Date: 2005-04-22 14:59:54
Message-ID: 003401c5474b$f11176a0$3401a8c0@mainxp (view raw or flat)
Thread:
Lists: pgsql-novice
RE: Granting permission on a sequence to a groupI loose the track! What you need first, evaluate sequence or evaluate table by user?
Somewhere - on Debian packet management - I have seen a contributed sw to disable/enable modify even a sinlge column (work on Linux).
Users are mostly can modify anything through your application, is not it? Sequencies are specifik to PostgreSQL no third parti tools for manipulate them such as MS-Access...


  ----- Original Message ----- 
  From: Walker, Jed S 
  To: 'pgsql-novice(at)postgresql(dot)org' 
  Sent: Friday, April 22, 2005 4:29 PM
  Subject: Re: [NOVICE] Granting permission on a sequence to a group


  OK, I think I figured this out, but if someone can confirm that this is the correct way to do this I'd appreciate it. 

  Since a sequence in postgres is actually a table, I realized that to pull a value off and have it increment you must be able to update the table. So I granted select and update on the sequence to the group, and now the user's in the group are able to use nextval().

  Is this definitely the correct way to handle this? 

  The thing I really don't like about this is that now the user's in that group can perform setval() on the sequence! That's seem like a big risk.

  If someone can confirm my solution or give me the proper way to do this I would greatly appreciate it. 

  Thanks again, 

  Jed. 

  _____________________________________________ 
  From:   Walker, Jed S  
  Sent:   Friday, April 22, 2005 8:21 AM 
  To:     Walker, Jed S; 'pgsql-novice(at)postgresql(dot)org' 
  Subject:        RE: Granting permission on a sequence to a group 

  I found a note in a book that states that using "nextval" can't be done with only select privileges, but it doesn't say what else is needed. Can someone tell me (hopefully I find it eventually)?

  _____________________________________________ 
  From:   Walker, Jed S  
  Sent:   Thursday, April 21, 2005 3:50 PM 
  To:     'pgsql-novice(at)postgresql(dot)org' 
  Subject:        Granting permission on a sequence to a group 

  Hi, 

  I have a sequence seq_page owned by user vrnsys. Vrnsys has granted "select" on seq_page to group vrn_admin. vrn_admin group has had user vrngui added to it, but vrngui is not able to access the sequence (permission denied for sequence seq_page).

  1. Any ideas why this isn't working? 

  Thanks in advance, 

      Jed S. Walker 



In response to

pgsql-novice by date

Next:From: Tom LaneDate: 2005-04-22 15:03:33
Subject: Re: Authorized privileges when calling a procedure
Previous:From: Walker, Jed SDate: 2005-04-22 14:29:35
Subject: Re: Granting permission on a sequence to a group

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group