--- Tom Lane <tgl@sss.pgh.pa.us> wrote:
> CSN <cool_screen_name90001@yahoo.com> writes:
> > I'm using plphpu and I'd like to allow the regular
> > database user to use it, but since it's
> "untrusted" it
> > requires users to be superusers. If I have to do
> this,
> > I don't want the user to be a superuser for all
> > databases. Is it possible to grant superuser
> status to
> > a user for a specific database?
>
> Exactly how would you prevent him from converting
> that into global
> access? Especially if you're going to give him use
> of an untrusted
> language? He could easily rewrite any configuration
> file you might
> think is going to lock him out of your other
> databases.
You lost me - how is any of that possible?
>
> > (The function uses mail(), so IIRC that
> necessitates
> > using plphpu).
>
> Sending mail from a database function (or doing
> anything else that
> involves external side-effects) is generally A Bad
> Idea, for reasons
> that have been covered many times in the list
> archives.
Why, exactly? In this situation I just set up a
trigger that sends a welcome email to newly inserted
members. Very convenient.
CSN
____________________________________________________
Start your day with Yahoo! - make it your home page
http://www.yahoo.com/r/hs
