| From: | Alvaro Herrera <alvherre(at)commandprompt(dot)com> |
|---|---|
| To: | Thomas Mack <mack(at)ifis(dot)cs(dot)tu-bs(dot)de> |
| Cc: | pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: Role based database access |
| Date: | 2007-05-24 13:57:04 |
| Message-ID: | 20070524135704.GA4320@alvh.no-ip.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
Thomas Mack wrote:
> Hello!
>
> I face a problem here with restricting access to databases to
> the owners of the database (Postgres 8.1.4).
>
> We would like any postgres user to have database access restricted
> to their own databases only. This is so, as we use postgres for
> educational purposes.
>
> I looked into pg_hba.conf, but unfortunately, when restricting
> database access in the database field, the NAME(!) of the database
> is concerned, which we do not restrict. Any user can create as
> many databases as needed, and the name may be choosen freely.
In the database name you can specify "@file", which points to a file
containing a list of database names that the pg_hba.conf lines applies
to. One idea is to have the database creation routine put a line into
that file (which would be specific to each user).
--
Alvaro Herrera http://www.CommandPrompt.com/
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2007-05-24 15:12:17 | Re: anonymous block in Postgres - Hello World |
| Previous Message | Abraham, Danny | 2007-05-24 12:30:03 | anonymous block in Postgres - Hello World |