Skip site navigation (1) Skip section navigation (2)

Any user able to connect to a database can create tables/etc

From: pgsql-bugs(at)postgresql(dot)org
To: pgsql-bugs(at)postgresql(dot)org
Subject: Any user able to connect to a database can create tables/etc
Date: 2000-08-25 19:47:16
Message-ID: 200008251947.e7PJlG153369@hub.org (view raw or flat)
Thread:
Lists: pgsql-bugs
Robert Watson (robert(at)fledge(dot)watson(dot)org) reports a bug with a severity of 2
The lower the number the more severe it is.

Short Description
Any user able to connect to a database can create tables/etc

Long Description
There is no access control mechanism by which users can be allowed
to connect to a database, but not create tables.  Ideally, only the
DBA would be able to create new tables, or some ACL would exist
on the database to limit which users could create tables.  As it
stands, this is a severe limitation for sites that wish to allow
mutually suspicious users to host different databases on the same
backend.

One solution might be to add an ACL to the database itself
enumerating various rights for various principals, including:

connect (can connect to the database at all)
create (can create tables, views, et al)
delete (can delete tables, views, et al)

You could imagine other rights being necessary or useful also.
This type of feature would make PostgreSQL far more useful in
ISP/ASP environments.


Sample Code


No file was uploaded with this report


Responses

pgsql-bugs by date

Next:From: Antoine ReidDate: 2000-08-25 20:19:11
Subject: Re: Any user able to connect to a database can create tables/etc
Previous:From: pgsql-bugsDate: 2000-08-25 19:28:54
Subject: duplicated rows on update when client dies

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group