From: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
---|---|
To: | "Marc G(dot) Fournier" <scrappy(at)hub(dot)org> |
Cc: | Ron Snyder <snyder(at)roguewave(dot)com>, Neil Conway <nconway(at)klamath(dot)dyndns(dot)org>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Open 7.3 items |
Date: | 2002-08-01 03:17:45 |
Message-ID: | 200208010317.g713Hjm23803@candle.pha.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Marc G. Fournier wrote:
> > I am working on it now. I decided against doing any kind of database
> > prepending at the user level. You create the user as 'dbname.username'.
> > That is clearer, rather than prepending based on the db you are
> > connected to. The only code change is in the postmaster authentication
> > lookup and ownership setting from the backend connection.
>
> Okay, just a couple of questions ... if there any way of provide
> 'superuse' access a user of the database for creating new users? Say one
> creates a dbname.pgsql account, could it be given 'create user' privileges
> for other users with a prefix of dbname.*?
Uh, that will be tough.
Super-user account will not be qualified by dbname for simplicity.
> and, what happens if one doesn't specify dbname.*? does that user become
> 'global', or have access to nothing?
Access to nothing. I could actually try to quality by dbname.username,
then fall back to just username, but that seems insecure.
--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026
From | Date | Subject | |
---|---|---|---|
Next Message | Bruce Momjian | 2002-08-01 03:20:35 | Re: WAL file location |
Previous Message | Curt Sampson | 2002-08-01 03:13:08 | Re: WAL file location |