From: | "Nick Fankhauser" <nickf(at)ontko(dot)com> |
---|---|
To: | "Steven Cuthbertson" <steven(at)tie(dot)cl>, <pgsql-admin(at)postgresql(dot)org> |
Subject: | Re: Permission on tables |
Date: | 2002-04-26 14:24:55 |
Message-ID: | NEBBLAAHGLEEPCGOBHDGGELIENAA.nickf@ontko.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-admin |
> grant ALL on mytable to PUBLIC;
>
> Q: Is this dangerous? What is encompassed by "ALL"? Read? Write?
Sounds unwise to me, but I'm not a PHP-er.
In the Tomcat/Apache world, I can tell you that we generally grant select on
mytable to "www-data".
"www-data is the user that Apache runs as by default. I'd suggest finding
the Apache or PHP user & then granting only those privileges needed to only
that user.
Are you sure that you aren't just getting a more general rejection of your
connection due to problem in pg_hba? You mention that the servers are
separated. You could test the connectivity & authorization from X to Y by
trying (from X) psql -hY
regards,
-Nick
---------------------------------------------------------------------
Nick Fankhauser
nickf(at)doxpop(dot)com Phone 1.765.965.7363 Fax 1.765.962.9788
doxpop - Court records at your fingertips - http://www.doxpop.com/
From | Date | Subject | |
---|---|---|---|
Next Message | Steven Cuthbertson | 2002-04-26 19:23:34 | Re: Permission on tables |
Previous Message | Steven Cuthbertson | 2002-04-26 14:11:15 | Permission on tables |