Skip site navigation (1) Skip section navigation (2)

Re: 7.3 and user permissions

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Chris Hoover <revoohc(at)gmail(dot)com>
Cc: pgsql-admin(at)postgresql(dot)org
Subject: Re: 7.3 and user permissions
Date: 2005-07-13 16:49:11
Message-ID: 9313.1121273351@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-admin
Chris Hoover <revoohc(at)gmail(dot)com> writes:
> I'm having a strange issue.  I just created a new user with createdb
> and createuser permissions.  The user only has permissions to view the
> data in one database.  However, when I login to any db as him, I am
> able to select data from tables that he has no select permisisons on. 

"createuser" actually means "superuser" ... does that make it clearer?

PG 8.1 will have a privilege level that allows creation of users without
full superuserdom, but no existing release does.

> Also, I would really prefer that this user only have access to his one
> db and not able to see anything in the other db's.  Is this possible?

Database connection privileges are controlled by pg_hba.conf; you could
adjust that file to allow this user access to only his own database.
Better take away his superuser rights first though, else he could undo
the change if he chose to.

			regards, tom lane

In response to

pgsql-admin by date

Next:From: Ben KimDate: 2005-07-13 18:45:54
Subject: Changing
Previous:From: Chris HooverDate: 2005-07-13 15:42:48
Subject: 7.3 and user permissions

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group