Home > mailing lists

"default deny" for roles - Mailing list pgsql-hackers

From	David Fetter
Subject	"default deny" for roles
Date	August 28, 2012 20:26:02
Msg-id	20120828172557.GH17812@fetter.org Whole thread Raw
Responses	Re: "default deny" for roles Re: "default deny" for roles Re: "default deny" for roles
List	pgsql-hackers

Tree view

Folks,

There are situations where a "default deny" policy is the best fit.

To that end, I have a modest proposal:
   REVOKE PUBLIC FROM role;

Thenceforth, the role in question would only have access to things it
was specifically granted.

What say?

Cheers,
David.
-- 
David Fetter <david@fetter.org> http://fetter.org/
Phone: +1 415 235 3778  AIM: dfetter666  Yahoo!: dfetter
Skype: davidfetter      XMPP: david.fetter@gmail.com
iCal: webcal://www.tripit.com/feed/ical/people/david74/tripit.ics

Remember to vote!
Consider donating to Postgres: http://www.postgresql.org/about/donate

pgsql-hackers by date:

From: Tom Lane
Date: 28 August 2012, 20:06:45
Subject: Re: MySQL search query is not executing in Postgres DB

From: Tom Lane
Date: 28 August 2012, 20:30:47
Subject: Re: SP-GiST micro-optimizations

"default deny" for roles - Mailing list pgsql-hackers

Previous

Next