On Wed, Jan 7, 2009 at 11:39 PM, Craig Ringer
wrote:
> Scott Marlowe wrote:
>
Is there a way to let PostgreSQL to allow inherited tables to be owned
by different roles?
>>>
>>> Not that I know of, and given the security implications I'd be a bit
>>> nervous
>>> about it unless it was don
On Wed, Jan 7, 2009 at 11:39 PM, Craig Ringer
wrote:
> Scott Marlowe wrote:
>
Is there a way to let PostgreSQL to allow inherited tables to be owned
by different roles?
>>>
>>> Not that I know of, and given the security implications I'd be a bit
>>> nervous
>>> about it unless it was don
Scott Marlowe wrote:
Is there a way to let PostgreSQL to allow inherited tables to be owned
by different roles?
Not that I know of, and given the security implications I'd be a bit nervous
about it unless it was done via an explicitly GRANTed right.
I hope here you're meaning to have tables t
On Sun, Jan 4, 2009 at 9:05 PM, Craig Ringer
wrote:
> alvar...@alvarezp.ods.org wrote:
>
>> (2) per-user schemas
>> with "CREATE TABLE (LIKE parent_table)", as getting the data from all
>> users at once would also be difficult and modifying the column
>> definition on the user tables would be pret
On Mon, 2009-01-05 at 13:05 +0900, Craig Ringer wrote:
> alvar...@alvarezp.ods.org wrote:
>
> > On user account creation, the schema gets created and the interface
> > tries to do a "CREATE TABLE my_relation () INHERITS
> > (_skel.my_relation);" as the new role, but PostgreSQL returns the error
>
Octavio Alvarez wrote:
> CHECK constraints or FOREIGN keys to secured tables are present so the
> users don't fill up the tables with dummy rows to perform a DoS. This
> can or can not be ultimately desired, though.
Beware here. IIRC PostgreSQL's inheritance support has some major
limitations whe
On Mon, 2009-01-05 at 13:05 +0900, Craig Ringer wrote:
> alvar...@alvarezp.ods.org wrote:
>
> > On user account creation, the schema gets created and the interface
> > tries to do a "CREATE TABLE my_relation () INHERITS
> > (_skel.my_relation);" as the new role, but PostgreSQL returns the error
> >
alvar...@alvarezp.ods.org wrote:
(2) per-user schemas
with "CREATE TABLE (LIKE parent_table)", as getting the data from all
users at once would also be difficult and modifying the column
definition on the user tables would be pretty much error-prone.
I'd think about this one, personally. You c
Hello.
I am testing different security models to use on a new database, where I
want different users to be restricted to their own data.
Users would be able to connect to the database through an interface, but
in particular cases of advanced users, they will be able to directly
connect to the da
