From: | Bruce Momjian <maillist(at)candle(dot)pha(dot)pa(dot)us> |
---|---|
To: | mbeattie(at)sable(dot)ox(dot)ac(dot)uk (Malcolm Beattie) |
Cc: | hackers(at)postgreSQL(dot)org (PostgreSQL-development) |
Subject: | Re: [QUESTIONS] How is PostgreSQL doing? |
Date: | 1998-06-13 04:26:51 |
Message-ID: | 199806130426.AAA11998@candle.pha.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
>
> Eze Ogwuma writes:
> > Bruce Momjian <maillist(at)candle(dot)pha(dot)pa(dot)us> writes:
> > > Can you be specific? Something I can add to the TODO list.
> >
> > Database based access for users so that each user can be giving access
> > to a particular database only. More permissions for each databse user:
> > Create, Drop, Select, Insert etc. Possibly table based
> > authentification as well.
>
> I needed to do that for the web database that I'm setting up. We have
> 20000 users and each (potentially) needs a separate database which is
> only accessible to them. Rather than having 20000 lines in pg_hba.conf,
> I've patched Postgres so that the special token "%username" in the
> database field of pg_hba.conf allows access only to the username which
> is connecting. (I chose the leading "%" so that it couldn't clash with
> a real database name.) Since the patch is against 6.1 rather than
> 6.2beta, I hadn't made it public. Here it is in case it's of interest.
I have re-generated this patch for the current source, and changed
'%username' to 'sameuser'. I added documentation in pg_hba.conf.
Patch applied. This is a nice feature.
--
Bruce Momjian | 830 Blythe Avenue
maillist(at)candle(dot)pha(dot)pa(dot)us | Drexel Hill, Pennsylvania 19026
+ If your life is a hard drive, | (610) 353-9879(w)
+ Christ can be your backup. | (610) 853-3000(h)
From | Date | Subject | |
---|---|---|---|
Next Message | Thomas G. Lockhart | 1998-06-13 05:06:05 | Odd behavior in regression test? |
Previous Message | rmcm | 1998-06-13 03:37:03 | Re: [GENERAL] COALESCE() or NVL() |