| From: | Alvaro Herrera <alvherre(at)dcc(dot)uchile(dot)cl> |
|---|---|
| To: | Kreißl, Karsten <KREISSL(at)his(dot)de> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-general(at)postgresql(dot)org |
| Subject: | Re: User Privileges using dblink |
| Date: | 2004-06-23 14:45:11 |
| Message-ID: | 20040623144511.GB2767@dcc.uchile.cl |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Wed, Jun 23, 2004 at 09:03:37AM +0200, "Kreißl, Karsten" wrote:
> But, under this conditions we must specify username and password
> (without encryption!) in the view definition. Every user can read
> this information using pgadmin or other tools. It's very simple ! In
> our environment the remote DB knows the same users as our local DB. So
> we are always searching for a solution, without publishing username
> and password. Our background is a migration from INFORMIX DB to
> PostgreSQL. Using INFORMIX there is a rather simple solution for this
> problem, called Synonyms.
Personally, I think it's a very bad idea to use a different database for
this kind of data exchange. I'd go with using different schemas.
There's a lot more fine grained control on access privileges, and users
won't be able to see any password; also, the performance should be much
better.
--
Alvaro Herrera (<alvherre[a]dcc.uchile.cl>)
"El número de instalaciones de UNIX se ha elevado a 10,
y se espera que este número aumente" (UPM, 1972)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andreas Pflug | 2004-06-23 14:46:39 | Re: [GENERAL] Building pgadmin on Fedora core 2 |
| Previous Message | Richard Huxton | 2004-06-23 14:36:34 | Re: timestamp without time zone format |