Thread: need some help..securing multiple databases/users

need some help..securing multiple databases/users

From
Frank Nijenhuis
Date:
Hai ppl,
I'm setting up a postgresql server to be used by several customers for
webapplications. We mainly use mysql here and sybase and our third
database platform has to be postgres. Read the documentations, read the
books but I still miss information and I don't feel like I got my fingers
behind it.

Setup should be simple. Create one user, create one database. Users are
not allowed to create other users or databases. They should be stuck
within their database and have all create rights in that database.
In time maybe some more users should be added to that database where the
initial user should give them rights to the objects within that database.

1) I create a user as user postgres with the options not to be allowed to
create other databases or users
2) I set his password with the alter statement
3) I create a database.....

a) how do I appoint this database to that user? Or how do I have a user
   "own" a database?
   I would like the situation where they login, get appointed to their
   database and never be able to "use" another database.
   How can 2 users have the create table right on a database? The grant
   statement doesn't have the "create" rights, only insert, update etc
   on objects. Adding more users to a specific database, can that only be
   done by the using groups concept?

b) Insight in the systemtables would be nice, is their any documentation
on that subject? Is it possible to reverse engineer them?


Maybe someone answer my questions? Or some hints where to look for more
info.

Thanx

Frank