Re: How to grant a user read-only access to a database?

From: Craig Ringer <craig(at)postnewspapers(dot)com(dot)au>
To: Thom Brown <thombrown(at)gmail(dot)com>
Cc: Nilesh Govindarajan <lists(at)itech7(dot)com>, Antonio Goméz Soto <antonio(dot)gomez(dot)soto(at)gmail(dot)com>, pgsql-general(at)postgresql(dot)org
Subject: Re: How to grant a user read-only access to a database?
Date: 2010-03-02 12:12:02
Message-ID: 4B8D0092.4080607@postnewspapers.com.au
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

On 2/03/2010 8:00 PM, Thom Brown wrote:

> CREATE ROLE testuser WITH LOGIN; -- At this point we haven't assigned
> this user to any group
>
> SET ROLE testuser;
> SELECT * FROM table_a;
>
> We get:
> ERROR: permission denied for relation table_a

... if table_a doesn't have grants to public, which it may well. I like
to revoke public access to my schema and to my database to make very,
very sure that only roles I've explicitly allowed can get in.

I prefer to explicitly revoke all rights from public on objects.

--
Craig Ringer

In response to

Browse pgsql-general by date

  From Date Subject
Next Message Pavel Stehule 2010-03-02 12:35:00 Re: need a query
Previous Message Thom Brown 2010-03-02 12:00:59 Re: How to grant a user read-only access to a database?