Postgres Pro
Downloads
Home   >   mailing lists

Re: [GENERAL] Limiting DB access by role after initial connection? - Mailing list pgsql-general

From Ken Tanzer
Subject Re: [GENERAL] Limiting DB access by role after initial connection?
Date
Msg-id CAD3a31XYZ0M_E3jt=cDpfjWGUqenps4cjdC9TpyKHRo7tpc=wQ@mail.gmail.com
Whole thread Raw
In response to Re: [GENERAL] Limiting DB access by role after initial connection?  ("btober@computer.org" <btober@broadstripe.net>)
List pgsql-general
Tree view
 

As to your very last point (suggestions about other approaches), is it impossible or impractical to migrate to a scheme in which each user actually has a data base role and their own password? Postgresql has really great facility for managing database authorization and access by means of login roles assignable membership in group roles. Why not let the tool do what it can already do very effectively?

-- B


If you mean having each individual person having their own role, I'd say it's not impossible, impractical at the current moment but (probably) desirable and a longer-term goal.  There's just an awful lot of logic that would have to be worked into the access control, as well as a way to create and maintain all the roles.  Some day!  Maybe! :)

Ken


--
learn more about AGENCY or
follow the discussion.

pgsql-general by date:

Previous
From: Adrian Klaver
Date:
Subject: Re: [GENERAL] Vacuum and state_change
Next
From: armand pirvu
Date:
Subject: Re: [GENERAL] Vacuum and state_change