Home > mailing lists

Re: granting right to create and delete just one database - Mailing list pgsql-general

From	Chris Withers
Subject	Re: granting right to create and delete just one database
Date	June 5, 2019 11:56:10
Msg-id	176edf88-10e2-6838-64c0-d9b945367ba4@withers.org Whole thread Raw
In response to	Re: granting right to create and delete just one database (Laurenz Albe <laurenz.albe@cybertec.at>)
Responses	Re: granting right to create and delete just one database
List	pgsql-general

Tree view

On 05/06/2019 09:52, Laurenz Albe wrote:
> Chris Withers wrote:
>> Is there any way to grant rights to a user such that they can drop and
>> re-create only a single database?
> No; what I'd do if I needed that is to create a SECURITY DEFINER function
> that is owned by a user with the CREATEDB privilege.
> This function can be called by a normal user that has the EXECUTE privilege
> on the function.
>
> Don't forget to "SET search_path" on such a function (as mentioned in the
> documentation).  It might also be a good idea to REVOKE EXECUTE on the
> function from PUBLIC.
Thanks, that's a great idea! Is this pattern documented anywhere as a 
complete finished thing?

cheers,

Chris

pgsql-general by date:

From: Laurenz Albe
Date: 05 June 2019, 11:52:17
Subject: Re: granting right to create and delete just one database

From: Tomasz Ostrowski
Date: 05 June 2019, 13:39:25
Subject: Re: Long running query - connection and keepalives enabled but querynot canceled

Re: granting right to create and delete just one database - Mailing list pgsql-general

Previous

Next