| From: | Bruno Wolff III <bruno(at)wolff(dot)to> |
|---|---|
| To: | Tad Marko <tmarko(at)metrosplash(dot)com> |
| Cc: | Bradley Kieser <brad(at)kieser(dot)net>, pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: Limiting user privileges |
| Date: | 2005-01-12 05:49:23 |
| Message-ID: | 20050112054923.GA7867@wolff.to |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
On Tue, Jan 11, 2005 at 15:49:32 -0600,
Tad Marko <tmarko(at)metrosplash(dot)com> wrote:
>
> In MySQL (the only DB I'm very familiar with), I can create a database,
> import tables, create a user, and then
>
> GRANT ALL ON dbname.* TO whateveruser
>
> and then whateveruser is essentially the super user on that database. I
> think that I understand that in PostgreSQL, I need to make whateveruser
> the owner of the database, then I won't have to go through the GRANT
> step for him.
Making someone the owner of a database isn't going to give that person
access to all other objects in the database. When other users create
objects the database owner won't in general have access to them.
> But, what do I need to do if I need to say easily create users that have
> INSERT and SELECT privileges on all (of a large number of) tables in a
> given database?
You need to write a script or function that gives them appropiate access
to all existing objects. Another possible solution is to have a policy
of giving a specific group access to all objects that are created in the
database. Then you can give new users access to these objects by just
adding them to the group.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Iain | 2005-01-12 08:31:49 | How to fix bad multibyte data? |
| Previous Message | Michael Fuhr | 2005-01-12 04:01:09 | Re: source database "template1" is being accessed by other users |