| From: | Bill Moran <wmoran(at)potentialtech(dot)com> |
|---|---|
| To: | Uden van Hout <udenvh(at)gmail(dot)com> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Possibilities of Fine Grained Access Control? |
| Date: | 2007-10-17 12:53:25 |
| Message-ID: | 20071017085325.975170b0.wmoran@potentialtech.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
In response to Uden van Hout <udenvh(at)gmail(dot)com>:
> I need a solution for the following: With all data stored in the same
> schema, consumers may only retreive and update data that is relevant to
> them. At the same time, users in our own company need to see all data.
>
> Is a solution similar to Oracle's Virtual Private Database possible with
> PostgreSQL, as this is precisely what we need?
Not familiar with Oracle's solution, but ...
Without knowing the details, it's difficult to be sure if PostgreSQL's
native security meets your needs. You can assign read/write/create
permissions to databases, schemas, tables, and other objects:
http://www.postgresql.org/docs/8.2/static/sql-grant.html
This falls short if you need permissions at the row or column level,
which PG doesn't support naively (unless this has been added in 8.3
and I simply haven't see the announcement).
For that, the best approach I know for you is Veil:
http://veil.projects.postgresql.org/curdocs/index.html
--
Bill Moran
http://www.potentialtech.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bryan Murphy | 2007-10-17 13:28:26 | Re: Index Usage |
| Previous Message | Syan Tan | 2007-10-17 12:34:22 | Re: atomic commit; begin for long running transactions , in combination with savepoint. |