Granting total access is generally a bad idea. It requires that your PHP-scripts/modules (or whatever) checks every request that access your database to ensure only valid/allowed queries are made.
The "permission denied" reply suggests an Apache configuration error, not a PostgreSQL related error. -------------------------------------------------------------- Rasmus T. Mohr Direct : +45 36 910 122 Application Developer Mobile : +45 28 731 827 Netpointers Intl. ApS Phone : +45 70 117 117 Vestergade 18 B Fax : +45 70 115 115 1456 Copenhagen K Email : mailto:[EMAIL PROTECTED] Denmark Website : http://www.netpointers.com "Remember that there are no bugs, only undocumented features." -------------------------------------------------------------- > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Nick Fankhauser > Sent: Friday, April 26, 2002 4:25 PM > To: Steven Cuthbertson; [EMAIL PROTECTED] > Subject: Re: [ADMIN] Permission on tables > > > > > grant ALL on mytable to PUBLIC; > > > > Q: Is this dangerous? What is encompassed by "ALL"? Read? Write? > > Sounds unwise to me, but I'm not a PHP-er. > > In the Tomcat/Apache world, I can tell you that we generally > grant select on > mytable to "www-data". > "www-data is the user that Apache runs as by default. I'd > suggest finding > the Apache or PHP user & then granting only those privileges > needed to only > that user. > > Are you sure that you aren't just getting a more general > rejection of your > connection due to problem in pg_hba? You mention that the servers are > separated. You could test the connectivity & authorization > from X to Y by > trying (from X) psql -hY > > regards, > > -Nick > > --------------------------------------------------------------------- > Nick Fankhauser > > [EMAIL PROTECTED] Phone 1.765.965.7363 Fax 1.765.962.9788 > doxpop - Court records at your fingertips - http://www.doxpop.com/ > > > ---------------------------(end of > broadcast)--------------------------- > TIP 4: Don't 'kill -9' the postmaster > > ---------------------------(end of broadcast)--------------------------- TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]
