On Thu, Feb 15, 2007 at 22:39:13 -0500,
Lou Duchez <[EMAIL PROTECTED]> wrote:
>
> 1) "grant select on database ..." or, hypothetically, "grant select on
> cluster". The goal would be to create a read-only PostgreSQL user, one
> who can read the contents of an entire database (or even the entire
> cluster) but make no changes. Currently, to do my cron job, I have to
> specify a "trusted" user, otherwise PostgreSQL will ask for a password;
> it sure would be nice if I could neuter my "trusted" user so he cannot
> do any damage. (Yes, I could set read-only privileges on a table-by-table
> basis. Obviously, that's a pain.)
You can use ident authentication instead of trust. That may make using the
postgres db account for the cronjob's connection an acceptible risk.
---------------------------(end of broadcast)---------------------------
TIP 4: Have you searched our list archives?
http://archives.postgresql.org/
