[prev in list] [next in list] [prev in thread] [next in thread]
List: postgresql-general
Subject: Re: [HACKERS] [PATCHES] Users/Groups -> Roles
From: Stephen Frost <sfrost () snowman ! net>
Date: 2005-06-30 15:49:59
Message-ID: 20050630154958.GH24207 () ns ! snowman ! net
[Download RAW message or body]
* Tom Lane (tgl@sss.pgh.pa.us) wrote:
> Stephen Frost <sfrost@snowman.net> writes:
> > That's controlled by pg_hba.conf though, isn't it? The idea being that
> > you'd like to give some people the ability to create users/roles, but to
> > limit the databases those created users/roles could connect to by, say,
> > requiring they have 'usage' or 'connect' permissions to that database,
> > which could be set by the database owner; without the database owner
> > having write permissions to the pg_hba.conf.
>
> You can do that today by putting a group name in pg_hba.conf. Roles
> will make it more flexible; I don't see that we need anything more.
>
> For instance, if pg_hba.conf says "samegroup" then you could manage
> everything by associating a group with each database.
Ahh, ok, good point. Sorry, I'd forgotten about that flexibility of
pg_hba.conf. Well, hopefully this will make some ISPs happy then. :)
Thanks,
Stephen
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic