Participants
Sim Zacks
Sim Zacks
Guillermo Arias
Guillermo Arias
Willy-Bas Loos
Willy-Bas Loos
Attachments
Show all attachments
Thread Outline
#1Guillermo AriasGuillermo Arias
Jan 21, 2008
#2Sim ZacksSim Zacksto Guillermo Arias (#1)
Jan 22, 2008
#3Willy-Bas LoosWilly-Bas Loosto Sim Zacks (#2)
Jan 22, 2008
#4Sim ZacksSim Zacksto Willy-Bas Loos (#3)
Jan 22, 2008

create a limited user in Postgre

Started by Guillermo Ariasabout 18 years ago4 messagesgeneral
Jump to latest
#1Guillermo Arias
Guillermo Arias
guillermoariast@gmail.com

Hi, i have a question:

I have a database and i want to create a administrator user with total
control and another that only could make queries and could not see nor
modify the functions.

The reason is that in the database that i will distribute are the
functions with a big part of the software logics and i do not want
these to be seen by my customers.

Thanks in advance, Guillermo

#2Sim Zacks
Sim Zacks
sim@compulab.co.il
In reply to: Guillermo Arias (#1)
Re: create a limited user in Postgre

That's not very open-source of you. LOL.

Aside from database permission issues, which are not a problem, you would also
have to not give them superuser access to their own database server (something
that a lot of companies will not be happy with). Especially if they want to the
possibility of other databases on the server. You would also have to prevent
them from holding onto the backups, something that most companies would not
tolerate at all.

sim

Guillermo Arias wrote:

Show quoted text

Hi, i have a question:

I have a database and i want to create a administrator user with total
control and another that only could make queries and could not see nor
modify the functions.

The reason is that in the database that i will distribute are the
functions with a big part of the software logics and i do not want
these to be seen by my customers.

Thanks in advance, Guillermo

#3Willy-Bas Loos
Willy-Bas Loos
willybas@gmail.com
In reply to: Sim Zacks (#2)
Re: create a limited user in Postgre

and another that only could make queries and could not see nor
modify the functions.

Up until 8.1 it is possible to see all the functions (plpgsql code) in
pgAdmin, even if you don't have access rights to the schema.
I'm not sure how this is in 8.2 or 8.3?

WBL

On Jan 22, 2008 7:02 AM, Sim Zacks <sim@compulab.co.il> wrote:

Show quoted text

That's not very open-source of you. LOL.

Aside from database permission issues, which are not a problem, you would
also
have to not give them superuser access to their own database server
(something
that a lot of companies will not be happy with). Especially if they want
to the
possibility of other databases on the server. You would also have to
prevent
them from holding onto the backups, something that most companies would
not
tolerate at all.

sim

Guillermo Arias wrote:

Hi, i have a question:

I have a database and i want to create a administrator user with total
control and another that only could make queries and could not see nor
modify the functions.

The reason is that in the database that i will distribute are the
functions with a big part of the software logics and i do not want
these to be seen by my customers.

Thanks in advance, Guillermo

---------------------------(end of broadcast)---------------------------
TIP 1: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to majordomo@postgresql.org so that your
message can get through to the mailing list cleanly

#4Sim Zacks
Sim Zacks
sim@compulab.co.il
In reply to: Willy-Bas Loos (#3)
Re: create a limited user in Postgre

That's because the definitions of the functions are not stored in the
schema.

functions are stored in the pg_catalog schema in the pg_proc table and
views are accessible via the multiple pg_get_viewdef functions in the
same schema.

If you block access to that table and fucntion then pgadmin would not be
able to show the function or view definition.

However, as long as the user has access to a backup, they have access to
all the definitions, no matter what you do.

Sim

-------- Original Message --------
Subject: [GENERAL] create a limited user in Postgre
From: Willy-Bas Loos <willybas@gmail.com>
To: Sim Zacks <sim@compulab.co.il>
Date: Tuesday, January 22, 2008 09:53:13 AM

Show quoted text

and another that only could make queries and could not see nor
modify the functions.

Up until 8.1 it is possible to see all the functions (plpgsql code) in
pgAdmin, even if you don't have access rights to the schema.
I'm not sure how this is in 8.2 or 8.3?

WBL

On Jan 22, 2008 7:02 AM, Sim Zacks <sim@compulab.co.il
<mailto:sim@compulab.co.il>> wrote:

That's not very open-source of you. LOL.

Aside from database permission issues, which are not a problem,
you would also
have to not give them superuser access to their own database
server (something
that a lot of companies will not be happy with). Especially if
they want to the
possibility of other databases on the server. You would also have
to prevent
them from holding onto the backups, something that most companies
would not
tolerate at all.

sim

Guillermo Arias wrote:

Hi, i have a question:

I have a database and i want to create a administrator user with

total

control and another that only could make queries and could not

see nor

modify the functions.

The reason is that in the database that i will distribute are the
functions with a big part of the software logics and i do not want
these to be seen by my customers.

Thanks in advance, Guillermo

---------------------------(end of
broadcast)---------------------------
TIP 1: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to majordomo@postgresql.org
<mailto:majordomo@postgresql.org> so that your
message can get through to the mailing list cleanly

← Back to Topics