Re: Problem with reloading groups in pg_hba.conf - Mailing list pgsql-hackers

From Bruce Momjian
Subject Re: Problem with reloading groups in pg_hba.conf
Date
Msg-id 200203220632.g2M6WSh14885@candle.pha.pa.us
In response to Re: Problem with reloading groups in pg_hba.conf  (Peter Eisentraut <peter_e@gmx.net>)
Responses Re: Problem with reloading groups in pg_hba.conf  (Tom Lane <tgl@sss.pgh.pa.us>)
List pgsql-hackers
Peter Eisentraut wrote:
> Bruce Momjian writes:
> 
> > I have another idea.  What if we had a default group for each database,
> > like pg_connect_{dbname}, and you can add/remove users from that group
> > to grant/remove connection privileges?
> 
> That strikes me as a very ugly abuse of the privilege system.  If you want
> to grant a privilege, use GRANT, not the name of a group.

We could use GRANT and internally do it with per-database system groups.
It would fit into our system cleanly, and could be dumped/reloaded
cleanly too.  Unfortunately, that would give us two places to specify
the connecting users, pg_hba.conf and GRANT CONNECT.  Is that a problem?

It would be tricky to grant access to only one db or all db's using
GRANT.  Not sure how that would be specified.  This is where we start to
get overlap and confusion because it doesn't behave just like
pg_hba.conf but also doesn't have the same flexibility of pg_hba.conf. 
I am still looking for ideas.

--
Bruce Momjian                        |  http://candle.pha.pa.us
pgman@candle.pha.pa.us               |  (610) 853-3000
+  If your life is a hard drive,     |  830 Blythe Avenue
+  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026
 

