Postgres Pro
Downloads
Home   >   mailing lists

Re: How restrict select on a view ? - Mailing list pgsql-general

From Klint Gore
Subject Re: How restrict select on a view ?
Date
Msg-id 494714BC.6020006@une.edu.au
Whole thread Raw
In response to How restrict select on a view ?  (Andreas <maps.on@gmx.net>)
Responses Re: How restrict select on a view ?  ("Merlin Moncure" <mmoncure@gmail.com>)
List pgsql-general
Tree view 
Andreas wrote:
> I'd like to have a view only to be used by certain users.
> The tables are public.
>
> Can this only be done by restricting access to the tables?
>

GRANT/REVOKE works on views
revoke all on aview from public;
grant select on aview to user1;

As Raymond pointed out, if user2 knows what the definition of aview is,
they can just run it against the raw tables.
e.g.
create view aview as select * from pg_proc;
revoke all on aview from public;
grant select on aview to user1;
set session authorization user2;
select * from aview;  -- fails
select * from pg_proc;  -- works and gives the same result

klint.

--
Klint Gore
Database Manager
Sheep CRC
A.G.B.U.
University of New England
Armidale NSW 2350

Ph: 02 6773 3789
Fax: 02 6773 3266
EMail: kgore4@une.edu.au

pgsql-general by date:

Previous
From: Adrian Klaver
Date:
Subject: Re: Create Language Error
Next
From: Sebastian Böhm
Date:
Subject: Re: tup_returned/ tup_fetched