| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Andrew Hall <andrewah(at)hotmail(dot)com> |
| Cc: | PostgreSQL Mailing List <pgsql-sql(at)postgresql(dot)org> |
| Subject: | Re: PostgreSQL Security/Roles/Grants |
| Date: | 2009-11-01 19:09:59 |
| Message-ID: | 20091101190959.GD17756@tamriel.snowman.net |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-sql |
Andrew,
* Andrew Hall (andrewah(at)hotmail(dot)com) wrote:
> 2. Non-default role -> a role which has to be explicitly activated during the lifecycle of an application in order to gain access to database resources. There are no limits on the number of non-default roles. This type of role helps us to only provide a user with the minimal set of privileges that they require at any given time, and minimise their access to database resources.
>
> I have looked through the PostgreSQL documentation, and cannot find anything analogous to the 'non-default role' which I have outlined above - although obviously it does support roles.
>
> I just want to confirm that all roles in postgreSQL are activated at login time?
No. You need to read the documentation on the 'noinherit' attribute of
roles.
See:
http://www.postgresql.org/docs/8.4/static/role-membership.html
> Secondly, is there a limit on the number of roles which can be assigned to a user (or more accurately a 'login role') in postgreSQL?
No.
Thanks,
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jasen Betts | 2009-11-02 10:11:23 | Re: PostgreSQL Security/Roles/Grants |
| Previous Message | Andrew Hall | 2009-11-01 18:04:14 | PostgreSQL Security/Roles/Grants |