Thread: Managing Users
I'm having a bit of a problem managing users. I have a database owned by user joe. Joe has a bunch of tables in this database and is allowed to create databases but not users. All the tables are owned by joe. If I create another user without any privledges at all, that user is able to (on my system) create tables in any existing databases. Including joes database. Do I have something improperly configured, or is this just the way Postgres works? I realize I have little details, but I'm not entirely sure whats causing this so I don't know what details to include. Thanks, Chris
hi, do you modified your [postgresql directory]/data/pg_hba.conf and pg_ident.conf in order to limit access to this database? bye Chris Cameron wrote: > I'm having a bit of a problem managing users. > > I have a database owned by user joe. Joe has a bunch of tables in this > database and is allowed to create databases but not users. All the > tables are owned by joe. > If I create another user without any privledges at all, that user is > able to (on my system) create tables in any existing databases. > Including joes database. > > Do I have something improperly configured, or is this just the way > Postgres works? I realize I have little details, but I'm not entirely > sure whats causing this so I don't know what details to include. > > Thanks, > Chris > > > ---------------------------(end of broadcast)--------------------------- > TIP 3: if posting/reading through Usenet, please send an appropriate > subscribe-nomail command to majordomo@postgresql.org so that your > message can get through to the mailing list cleanly > > -- Emmanuel SARACCO Email: esaracco@noos.fr
Heya Chris,
Chris Cameron wrote:
>
> I'm having a bit of a problem managing users.
>
> I have a database owned by user joe. Joe has a bunch of tables in this
> database and is allowed to create databases but not users. All the
> tables are owned by joe.
> If I create another user without any privledges at all, that user is
> able to (on my system) create tables in any existing databases.
> Including joes database.
>
> Do I have something improperly configured, or is this just the way
> Postgres works? I realize I have little details, but I'm not entirely
> sure whats causing this so I don't know what details to include.
>
That's about right =) You can have different users creating different
tables in the same database...
The users, however, won't be able to access the other users' tables,
unless he or she has been GRANTed access to them =)
Hope that helps.
Cheers,
John Clark
--
/) John Clark Naldoza y Lopez (\
/ ) Software Design Engineer III ( \
_( (_ _ Web-Application Development _) )_
(((\ \> /_> Cable Modem Network Management System <_\ </ /)))
(\\\\ \_/ / NEC Telecom Software Phils., Inc. \ \_/ ////)
\ / \ /
\ _/ phone: (+63 32) 233-9142 loc. 3113 \_ /
/ / cellphone: (+63 919) 399-4742 \ \
/ / email: njclark@ntsp.nec.co.jp \ \
"Intelligence is the ability to avoid doing work, yet getting the work
done"
--Linus Torvalds
On Mon, 15 Oct 2001, Chris Cameron wrote: > I'm having a bit of a problem managing users. > > I have a database owned by user joe. Joe has a bunch of tables in this > database and is allowed to create databases but not users. All the > tables are owned by joe. > If I create another user without any privledges at all, that user is > able to (on my system) create tables in any existing databases. > Including joes database. > > Do I have something improperly configured, or is this just the way > Postgres works? I realize I have little details, but I'm not entirely > sure whats causing this so I don't know what details to include. Right now, if a user can connect to a database, they can create objects. You can make it impossible for the user to connect to the database by using the pg_hba.conf to disallow the connections, but that's as far as it goes.