Marc G. Fournier wrote:
> > I am working on it now. I decided against doing any kind of database
> > prepending at the user level. You create the user as 'dbname.username'.
> > That is clearer, rather than prepending based on the db you are
> > connected to. The only code change is in the postmaster authentication
> > lookup and ownership setting from the backend connection.
>
> Okay, just a couple of questions ... if there any way of provide
> 'superuse' access a user of the database for creating new users? Say one
> creates a dbname.pgsql account, could it be given 'create user' privileges
> for other users with a prefix of dbname.*?
Uh, that will be tough.
Super-user account will not be qualified by dbname for simplicity.
> and, what happens if one doesn't specify dbname.*? does that user become
> 'global', or have access to nothing?
Access to nothing. I could actually try to quality by dbname.username,
then fall back to just username, but that seems insecure.
-- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610)
853-3000+ If your life is a hard drive, | 830 Blythe Avenue + Christ can be your backup. | Drexel Hill,
Pennsylvania19026
