From: | "Roberts, Jon" <Jon(dot)Roberts(at)asurion(dot)com> |
---|---|
To: | 'Alvaro Herrera' <alvherre(at)commandprompt(dot)com> |
Cc: | 'Kris Jurka' <books(at)ejurka(dot)com>, Merlin Moncure <mmoncure(at)gmail(dot)com>, "Jonah H(dot) Harris" <jonah(dot)harris(at)gmail(dot)com>, Bill Moran <wmoran(at)collaborativefusion(dot)com>, "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com>, pgsql-performance(at)postgresql(dot)org |
Subject: | Re: viewing source code |
Date: | 2007-12-18 18:33:54 |
Message-ID: | 1A6E6D554222284AB25ABE3229A92762112A25@nrtexcus702.int.asurion.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-performance |
So you are saying I need to create a view per user to achieve this? That
isn't practical for an enterprise level database.
I'm basically suggesting row level security that would be implemented for a
system table and then RLS could be used for user defined tables too.
Jon
> -----Original Message-----
> From: Alvaro Herrera [mailto:alvherre(at)commandprompt(dot)com]
> Sent: Tuesday, December 18, 2007 12:27 PM
> To: Roberts, Jon
> Cc: 'Kris Jurka'; Merlin Moncure; Jonah H. Harris; Bill Moran; Joshua D.
> Drake; pgsql-performance(at)postgresql(dot)org
> Subject: Re: [PERFORM] viewing source code
>
> Roberts, Jon escribió:
>
> > Revoking pg_proc isn't good for users that shouldn't see other's code
> but
> > still need to be able to see their own code.
>
> So create a view on top of pg_proc restricted by current role, and grant
> select on that to users.
>
> --
> Alvaro Herrera
> http://www.CommandPrompt.com/
> The PostgreSQL Company - Command Prompt, Inc.
From | Date | Subject | |
---|---|---|---|
Next Message | Richard Huxton | 2007-12-18 18:50:36 | Re: viewing source code |
Previous Message | Alvaro Herrera | 2007-12-18 18:26:49 | Re: viewing source code |