Re: hacker help: PHP-4.2.3 patch to allow restriction of

From: Peter Eisentraut <peter_e(at)gmx(dot)net>
To: Jim Mercer <jim(at)reptiles(dot)org>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, PostgreSQL Development <pgsql-hackers(at)postgresql(dot)org>, Gavin Sherry <swm(at)linuxworld(dot)com(dot)au>
Subject: Re: hacker help: PHP-4.2.3 patch to allow restriction of
Date: 2002-09-28 11:08:36
Message-ID: Pine.LNX.4.44.0209281249350.1149-100000@localhost.localdomain
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Jim Mercer writes:

> ideally, i'd like to have users-per-database, as opposed to the global
> model we have now.

That's in the works. Some form of this will be in 7.3.

> if we are willing to modify libpq to support a "white-list", then what you
> are suggesting is quite possible.

How would you store such a list and prevent users from simply unsetting
it?

> i suspect the php-dev people are unhappy with my patch because it is including
> logic (ie. parsing the white-list) which they don't think php should be
> responsible for.

From my reading of the discussion, I think they have not understood that
the PostgreSQL server has no way to distinguish different virtual host
identities. I think your feature is quite reasonable, if you list users
instead of databases.

--
Peter Eisentraut peter_e(at)gmx(dot)net

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Peter Eisentraut 2002-09-28 11:08:54 Re: Bug in PL/pgSQL GET DIAGNOSTICS?
Previous Message Shridhar Daithankar 2002-09-28 08:17:00 Re: How to REINDEX in high volume environments?