Skip site navigation (1)
Skip section navigation (2)
Peripheral Links
Header And Logo
|
Site Navigation
Re: Feature request: permissions change history for auditing
- From: Thom Brown <thombrown(at)gmail(dot)com>
- To: Glyn Astill <glynastill(at)yahoo(dot)co(dot)uk>
- Cc: pgsql-hackers(at)postgresql(dot)org
- Subject: Re: Feature request: permissions change history for auditing
- Date: Mon, 30 Nov 2009 13:46:00 +0000
- Message-id: <bddc86150911300546ubb70cb7h28bcee9c2a7aadce@mail.gmail.com> <text/plain>
2009/11/30 Glyn Astill <glynastill(at)yahoo(dot)co(dot)uk> > --- On Mon, 30/11/09, Thom Brown <thombrown(at)gmail(dot)com> wrote: > > > As far as I am aware, there is no way to tell when a > > user/role was granted permissions or had permissions > > revoked, or who made these changes. I'm wondering if > > it would be useful for security auditing to maintain a > > history of permissions changes only accessible to > > superusers? > > I'd have thought you could keep track of this in the logs by setting > log_statement >= ddl ? > > I'm pretty sure this is a feature that's not wanted, but the ability to add > triggers to these sorts of events would surely make more sense than a > specific auditing capability. > > I concede your suggestion of the ddl log output. I guess that could then be filtered to obtain the necessary information. Thanks Thom
- Follow-Ups:
- Re: Feature request: permissions change history for auditing
- From: Andrew Dunstan
- Re: Feature request: permissions change history for auditing
- References:
- Feature request: permissions change history for auditing
- From: Thom Brown
- Re: Feature request: permissions change history for auditing
- From: Glyn Astill
- Feature request: permissions change history for auditing
- Prev by Date: Re: Block-level CRC checks
- Next by Date: Re: Feature request: permissions change history for auditing
- Previous by thread: Re: Feature request: permissions change history for auditing
- Next by thread: Re: Feature request: permissions change history for auditing
- Indexes: