Re: Catalog permissions

From: Guillaume Lelarge <guillaume(at)lelarge(dot)info>
To: Felipe Santos <felipepts(at)gmail(dot)com>
Cc: BRUNO CESAR BERNARDES <bruno(dot)bernardes(at)embrapa(dot)br>, gilberto castillo <gilberto(dot)castillo(at)etecsa(dot)cu>, "pgsql-admin(at)postgresql(dot)org" <pgsql-admin(at)postgresql(dot)org>
Subject: Re: Catalog permissions
Date: 2015-03-31 21:03:55
Message-ID: CAECtzeXO+7TN6rB_TuT_nv_na-z6ws6bDb6z=sHdwmMobq-Htg@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-admin

2015-03-31 21:53 GMT+02:00 Felipe Santos <felipepts(at)gmail(dot)com>:

>
>
> 2015-03-31 16:44 GMT-03:00 BRUNO CESAR BERNARDES <
> bruno(dot)bernardes(at)embrapa(dot)br>:
>
> Thanks Gilberto,
>>
>> The problem still the same.
>> The user is allowed to see the entire installation catalog, all
>> databases, all schemas, etc. Of course, he is allowed to see data only in
>> the schema that I gave this permission.
>> The ideia is to be shoed to him only the datbase end schema that he
>> has permission.
>> I applied the command "Alter user myuser set
>> default_transaction_read_only = on;" to this user . The others were
>> already set.
>>
>> Saludos,
>> Bruno
>>
>> ------------------------------
>> *De: *"Gilberto Castillo" <gilberto(dot)castillo(at)etecsa(dot)cu>
>> *Para: *"BRUNO CESAR BERNARDES" <bruno(dot)bernardes(at)embrapa(dot)br>
>> *Cc: *pgsql-admin(at)postgresql(dot)org
>> *Enviadas: *Terça-feira, 31 de março de 2015 12:59:11
>> *Assunto: *Re: [ADMIN] Catalog permissions
>>
>>
>>
>>
>> > Hi,
>> >
>> > I have to allow one user to use my Postgres installation in one schema
>> of
>> > several. We are preparing an phpPGAdmin installation to give an remote
>> > access to this schema.
>> > The phpPDAdmin is showing the entire catalog to this user and allowing
>> > access only in the schema that I gave permissions to him.
>> > How do I do to this user can see only the schema that he has access, not
>> > the entire catalog.
>> > Is it possible?
>>
>> Use:
>>
>> GRANT usage on schema zzz to uuu;
>> Alter user uuu set default_transaction_read_only = on;
>> GRANT select on all tables in schema zzz to uuu;
>>
>>
>> Saludos,
>> Gilberto Castillo
>> ETECSA, La Habana, Cuba
>>
>> ---
>> This message was processed by Kaspersky Mail Gateway 5.6.28/RELEASE
>> running at host imx3.etecsa.cu
>> Visit our web-site: <http://www.kaspersky.com>, <http://www.viruslist.com
>> >
>>
>>
>> --
>> Sent via pgsql-admin mailing list (pgsql-admin(at)postgresql(dot)org)
>> To make changes to your subscription:
>> http://www.postgresql.org/mailpref/pgsql-admin
>>
>>
>>
>> -
>>
>>
>>
>> ________________
>> ____________________________________________________________
>> Aviso de confidencialidade.
>>
>> Esta mensagem da Empresa Brasileira de Pesq uisa Agropecuária (Embrapa),
>> empresa pùblica federal regi da pelo disposto na Lei Federal no. 5.851, de
>> 7 de dezembro de 1972, & eacute; enviada exclusivamente a seu destinatário
>> e pode conter i nformações confidenciais, protegidas por sigilo
>> profissional . Sua utilização desautorizada é ilegal e sujeita o infrator
>> às penas da lei. Se você a recebeu indevidamente, queira, por gentileza,
>> reenviá-la ao emitente, esclarecendo o equ&i acute;voco.
>>
>> Confidentiality note
>>
>> This message from Empresa Brasileira de Pesquisa Agropecuária (Embrapa),
>> a govern ment company established under Brazilian law (5.851/72), is
>> directed ex clusively to its addressee and may contain confidential data,
>> protected under professional secrecy rules. Its unauthorized use is illegal
>> and may subject the transgressor to the law's penalties. If you are not the
>> a ddressee, please send it back, elucidating the failure.
>>
>>
>
> Olá Bruno,
>
> Is this what you are looking for?
>
> Link:
> http://stackoverflow.com/questions/12663639/how-to-hide-databases-that-i-am-not-allowed-to-access
>
>
This will only work on pgAdmin. There's no such capacity in phpPgAdmin.

--
Guillaume.
http://blog.guillaume.lelarge.info
http://www.dalibo.com

In response to

Browse pgsql-admin by date

  From Date Subject
Next Message Stephen Frost 2015-04-01 00:34:34 Re: Permission select pg_stat_replication
Previous Message Payal Singh 2015-03-31 20:24:32 Re: Permission select pg_stat_replication