Re: Problems with user-level security - Mailing list pgsql-admin

From Tom Lane
Subject Re: Problems with user-level security
Date
Msg-id 5539.1005157268@sss.pgh.pa.us
Whole thread Raw
In response to Problems with user-level security  (Nick Sayer <nsayer@quack.kfu.com>)
List pgsql-admin
Nick Sayer <nsayer@quack.kfu.com> writes:
> Is there some way to achieve this I am missing?

For password-style authentication, you can use a secondary auth file to
get that effect:

local sameuser password
local all password crossauth

where $PGDATA/crossauth lists the users who should be allowed to connect
to databases other than their own:

backups
pgsql

The map file can serve a similar purpose for ident-based auth.  AFAIK
there's no similar capability for Kerberos or PAM auth methods :-(

            regards, tom lane

pgsql-admin by date:

Previous
From: Peter Eisentraut
Date:
Subject: Re: Problems with user-level security
Next
From: "Shuzo Kubo"
Date:
Subject: REINDEXing user table in non stand-alone?