[lug] postgres
George Sexton
gsexton at mhsoftware.com
Thu May 8 13:11:01 MDT 2003
Why would you not use the built-in database security to grant rights within
the database?
-----Original Message-----
From: lug-admin at lug.boulder.co.us [mailto:lug-admin at lug.boulder.co.us]On
Behalf Of Hugh Brown
Sent: Thursday, May 08, 2003 9:37 AM
To: LUG
Subject: [lug] postgres
I am playing around with the version of postgres from rh9. they added a
new column to the pg_hba.conf file that allows you to specify
users/groups that are allowed to connect.
My question is this. I have a machine that will have multiple databases
within the instance of postgres. new ones will be created to do
development, etc.
I have a particular database that I only want members of a certain group
to be able to access, but be able to allow anyone else to access any
other database. I can't seem to find a way to do this.
so far I have
host specialdb +specialgroup ip netmask md5
host specialdb +specialgroup 127.0.0.1 255.255.255.255 md5
local specialdb +specialgroup md5
host all all 127.0.0.1 255.255.255.255 md5
local all all md5
which keeps anyone not on the local machine off, but any user on the
local machine can get to the specialdb regardless of their membership in
specialgroup.
what I'd really like is a directive like:
host specialdb !+specialgroup reject
but there doesn't seem to be one. Anyone know how to be exclusive
rather than inclusive (which is how the documentation says to do it)?
Hugh
_______________________________________________
Web Page: http://lug.boulder.co.us
Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
More information about the LUG
mailing list