Re: Feature request: permissions change history for auditing

From: Euler Taveira de Oliveira <euler(at)timbira(dot)com>
To: Thom Brown <thombrown(at)gmail(dot)com>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: Feature request: permissions change history for auditing
Date: 2009-12-01 14:03:49
Message-ID: 4B152245.9080505@timbira.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Thom Brown escreveu:
> As far as I am aware, there is no way to tell when a user/role was
> granted permissions or had permissions revoked, or who made these
> changes. I'm wondering if it would be useful for security auditing to
> maintain a history of permissions changes only accessible to superusers?
>
If the utility command hook patch is approved, it will be possible to track
commands rather than DML ones. In that case, it would be trivial to do some
extension that covers your audit concerns.

[1] https://commitfest.postgresql.org/action/patch_view?id=196

--
Euler Taveira de Oliveira
http://www.timbira.com/

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message Aidan Van Dyk 2009-12-01 14:26:21 Re: Block-level CRC checks
Previous Message Andres Freund 2009-12-01 13:41:46 Re: Block-level CRC checks