thank you _SO_ much. I'm not sure how I overlooked that, but it is far easier to manage using connect. I'm assuming
thateven if tables have public privileges granted, that they are not visible to people not granted connect privileges
tothe database?<br /><br />Thanks,<br />Isaac<br /><br /><div class="gmail_quote">On Fri, May 22, 2009 at 12:31 PM, Tom
Lane<span dir="ltr"><<a href="mailto:tgl@sss.pgh.pa.us">tgl@sss.pgh.pa.us</a>></span> wrote:<br /><blockquote
class="gmail_quote"style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left:
1ex;"><divclass="im">Isaac Dover <<a href="mailto:isaacdover@gmail.com">isaacdover@gmail.com</a>> writes:<br />
>>As far as i can tell,<br /> >> pg_hba.conf is the only manner in which to prevent users from connecting
to<br/> >> other users' databases. I've restricted roles to connecting only using<br /> >> sameuser:<br />
>><br/> >> host sameuser all <a href="http://192.168.168.0/24" target="_blank">192.168.168.0/24</a> md5<br
/><br/></div>In recent releases (certainly 8.3) the better approach is probably to<br /> use CONNECT privilege to grant
ordeny access. However that does have<br /> some drawbacks if you intend to let users create their own databases<br />
---they have to remember to set the privileges properly on new DBs.<br /><br /> regards, tom
lane<br/></blockquote></div><br />
