Tjibbe <tjibbe@hotmail.com> writes:
> Hello, Is het possible tot REVOKE the ALTER USER command? In such a way tha=
> t users cannot change their password and username? And also cannot delete t=
> hemeself with DROP USER?
Ordinary users (those without superuser or createrole privilege) can't
do any of that except change their own password ... and I don't see a
particularly good argument for preventing them from doing that.
> Now I solve the problem in PHP, to filter de SQL query string behore sendin=
> g to postgresql as follows:
If you're allowing untrusted sources to provide chunks of SQL to be
executed directly, you've got problems far worse than this one.
regards, tom lane
