Re: Ignoring the limited user-rights by using ODBC

--- "Joshua D. Drake" <jd(at)commandprompt(dot)com> wrote:
> On Thu, 2005-03-24 at 15:12 +0100, Goeke, Tobias
> wrote:
> > Hello,
> >
> > I created a new user in a new schema.
> > This user is only authorized to select the views
> in this schema.
> > If i look at the tables and views for this user by
> using "\d", there are
> > only a few views shown.
> > That means that the rights are correctly set.
> >
> > Now the real problem:
> >
> > If i connect to the database via obdc with this
> user, all schemes are shown.
> > So i am able to select all the tables and views
> e.g. in excel, although the
> > user isn't autorized.

This is a known issue, and I do not know of any
workaround. IIRC, it was Dave Page who posted a
reason for this behaviour some months back, but I
forget the details.

>
> Have you verified that the user can actually select
> from the tables or
> can the user just see that the tables exist?
>
> Have you verified that you are actually connecting
> as the limited user?
>
> Sincerely,
>
> Joshua D. Drake
>
>
> >
> > I should only be able to select a few views, like
> it is configured in psql.
> > How can i constrain this?
> >
> > Can you help me?
> >
> > Thanks
> > Tobias
> >
> >
> >
> >
> > ---------------------------(end of
> broadcast)---------------------------
> > TIP 1: subscribe and unsubscribe commands go to
> majordomo(at)postgresql(dot)org
> --
> Command Prompt, Inc., Your PostgreSQL solutions
> company. 503-667-4564
> Custom programming, 24x7 support, managed services,
> and hosting
> Open Source Authors: plPHP, pgManage, Co-Authors:
> plPerlNG
> Reliable replication, Mammoth Replicator -
> http://www.commandprompt.com/
>
>
> ---------------------------(end of
> broadcast)---------------------------
> TIP 4: Don't 'kill -9' the postmaster
>

__________________________________
Do you Yahoo!?
Yahoo! Small Business - Try our new resources site!
http://smallbusiness.yahoo.com/resources/