| Lists: | pgsql-general |
|---|
| From: | jwsacksteder(at)ramprecision(dot)com |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | compartmentalizing users |
| Date: | 2004-02-27 16:01:54 |
| Message-ID: | 71650A6F73F1D411BE8000805F65E3CB3B3967@SRV-03 |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Lists: | pgsql-general |
Is there a way to segregate users by database or schema so that in a hosting
situation you could keep different customers apart? Otherwise, the
unpleasant alternative is to run separate instances of Postgres.
| From: | Bill Moran <wmoran(at)potentialtech(dot)com> |
|---|---|
| To: | jwsacksteder(at)ramprecision(dot)com |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: compartmentalizing users |
| Date: | 2004-02-27 16:31:32 |
| Message-ID: | 403F70E4.1000206@potentialtech.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Lists: | pgsql-general |
jwsacksteder(at)ramprecision(dot)com wrote:
> Is there a way to segregate users by database or schema so that in a hosting
> situation you could keep different customers apart? Otherwise, the
> unpleasant alternative is to run separate instances of Postgres.
You can add users and assign rights at the database level.
--
Bill Moran
Potential Technologies
http://www.potentialtech.com
| From: | Bruno Wolff III <bruno(at)wolff(dot)to> |
|---|---|
| To: | jwsacksteder(at)ramprecision(dot)com |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: compartmentalizing users |
| Date: | 2004-02-27 17:23:26 |
| Message-ID: | 20040227172326.GA18900@wolff.to |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Lists: | pgsql-general |
On Fri, Feb 27, 2004 at 11:01:54 -0500,
jwsacksteder(at)ramprecision(dot)com wrote:
> Is there a way to segregate users by database or schema so that in a hosting
> situation you could keep different customers apart? Otherwise, the
> unpleasant alternative is to run separate instances of Postgres.
Yes, but the separation isn't total. One solution would be to have a DB
per user. However all users will still be able to see the shared
system tables. This will allow them to see schema (DDL definitions)
of other users. Though they won't be able to get at other user's
data.
| From: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
|---|---|
| To: | Bruno Wolff III <bruno(at)wolff(dot)to> |
| Cc: | jwsacksteder(at)ramprecision(dot)com, pgsql-general(at)postgresql(dot)org |
| Subject: | Re: compartmentalizing users |
| Date: | 2004-03-03 14:16:56 |
| Message-ID: | 200403031416.i23EGuo22171@candle.pha.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Lists: | pgsql-general |
Bruno Wolff III wrote:
> On Fri, Feb 27, 2004 at 11:01:54 -0500,
> jwsacksteder(at)ramprecision(dot)com wrote:
> > Is there a way to segregate users by database or schema so that in a hosting
> > situation you could keep different customers apart? Otherwise, the
> > unpleasant alternative is to run separate instances of Postgres.
>
> Yes, but the separation isn't total. One solution would be to have a DB
> per user. However all users will still be able to see the shared
> system tables. This will allow them to see schema (DDL definitions)
> of other users. Though they won't be able to get at other user's
> data.
Take a look at the db_user_namespace option in postgresql.conf. It is
used for this purpose.
--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073