Thread: Setup for a db class

Setup for a db class

From
Terry Letsche
Date:
Hi. I'm running postgresql on a Debian box, and plan to use it for
teaching a database class. While installing some graphical tools for the
students (namely pgadmin3), I discovered that the students could see each
other's work by simply browsing to someone else's database. What am I
missing on permissions? Each student's database is set to be owned by
them, but the contents are still browsable.

Any suggestions on configuration for a similar lab situation are welcome!

Terry

--
Terry Letsche  | http://terry.letsche.net | terry at letsche dot net

Re: Setup for a db class

From
"Goulet, Dick"
Date:
Terry,

    In pga_conf.hba you can setup to restrict access to the other databases as in:

# TYPE  DATABASE    USER        IP-ADDRESS        IP-MASK           METHOD
# IPv6-style local connections:
host    db1         usr1         ::1               ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff        trust
host    db2         usr2         172.20.0.0        255.255.0.0       trust
host    db3         usr3         172.17.0.0        255.255.0.0       trust

Dick Goulet
Senior Oracle DBA
Oracle Certified 8i DBA

-----Original Message-----
From: Terry Letsche [mailto:terry@letsche.net]
Sent: Tuesday, September 14, 2004 2:47 PM
To: pgsql-admin@postgresql.org
Subject: [ADMIN] Setup for a db class



Hi. I'm running postgresql on a Debian box, and plan to use it for
teaching a database class. While installing some graphical tools for the
students (namely pgadmin3), I discovered that the students could see each
other's work by simply browsing to someone else's database. What am I
missing on permissions? Each student's database is set to be owned by
them, but the contents are still browsable.

Any suggestions on configuration for a similar lab situation are welcome!

Terry

--
Terry Letsche  | http://terry.letsche.net | terry at letsche dot net

---------------------------(end of broadcast)---------------------------
TIP 5: Have you checked our extensive FAQ?

               http://www.postgresql.org/docs/faqs/FAQ.html

Re: Setup for a db class

From
Oliver Elphick
Date:
On Tue, 2004-09-14 at 20:39, Goulet, Dick wrote:
> Terry,
>
>     In pga_conf.hba you can setup to restrict access to the other databases as in:
>
> # TYPE  DATABASE    USER        IP-ADDRESS        IP-MASK           METHOD
> # IPv6-style local connections:
> host    db1         usr1         ::1               ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff        trust
> host    db2         usr2         172.20.0.0        255.255.0.0       trust
> host    db3         usr3         172.17.0.0        255.255.0.0       trust

You can also put "sameuser" as the database, to restrict it to a user of
the same name as the database.

--
Oliver Elphick                                          olly@lfix.co.uk
Isle of Wight                              http://www.lfix.co.uk/oliver
GPG: 1024D/A54310EA  92C8 39E7 280E 3631 3F0E  1EC0 5664 7A2F A543 10EA
                 ========================================
     "But without faith it is impossible to please him; for
      he that cometh to God must believe that he is, and
      that he is a rewarder of them that diligently seek
      him."        Hebrews 11:6