| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | "Gauthier, Dave" <dave(dot)gauthier(at)intel(dot)com> |
| Cc: | "pgsql-general(at)postgresql(dot)org" <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: column level, uid based authorization to update columns |
| Date: | 2009-09-04 00:10:44 |
| Message-ID: | 20090904001044.GD17756@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
* Gauthier, Dave (dave(dot)gauthier(at)intel(dot)com) wrote:
> In linux, given the linux based uid of the user, how might someone implement column level update restrictions on a uid basis? For example...
The first issue is getting the linux uid to equate to a PG role. That
can be done using 'ident' authentication, though I would recommend only
allowing that on socket-based connections (not with tcp/ip connections).
You could also give 'joeuser' a username and password to connect to PG
with.
In PG, with 8.4, you can use column-level privileges to limit what a
given PG role can do. See the GRANT syntax for 8.4.
Thanks,
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Adrian Klaver | 2009-09-04 00:16:56 | Re: pg_ctl with unix domain socket? |
| Previous Message | Sergey Samokhin | 2009-09-04 00:10:33 | How do I store tables on a remote host? |