Skip site navigation (1)
Skip section navigation (2)
Peripheral Links
createdb but revoke dropdb
Hi, In using 8.3. I'm trying to set up programmatic database creation but is there a way that the user creating the databases can be restricting from dropping them? I have two roles, 'adminuser' with createdb permission, and 'dbuser' a user with CRUD privileges. adminuser is a member of the dbuser role, this seems to allow adminuser to createdb databases for dbuser with: createdb -U adminuser -O dbuser new_database_name Adding .pgpass to the linux user's home directory allows createdb to work without additional user input. But now it seems the linux user also has dropdb privileges. How can i restrict this? Perhaps there is a recommended method to disable dropdb? Can anyone suggest? The adminuser has no login privileges so by removing dropdb this should remove the possibility for any hacker chaos other than creating more databases? Thanks in advance for any advice, Ben
Responses
- Fwd: createdb but revoke dropdb at 2010-03-03 09:07:40 from Ben Eliott
- Re: createdb but revoke dropdb at 2010-03-03 09:17:11 from Richard Huxton
pgsql-general by date
Next: From: Lee Hachadoorian Date: 2010-03-02 18:42:34 Subject: Re: Array columns vs normalized table Previous: From: Bruce Momjian Date: 2010-03-02 18:14:00 Subject: Re: [GENERAL] trouble with to_char('L')