On Feb 15, 2009, at 2:47 PM, Stuart McGraw wrote:
I just hoping for some confirmation that the permissions based
approach did not have some holes in it that I am
not seeing.
Another possibility is to create a set of functions that contain the
query operations you would like to allow, isolate those in a schema,
and make that schema the only thing accessible to the (semi-)trusted
users.
Generally, I try to design things so that web servers and other
clients who could potentially be compromised don't execute full-
function SQL directly, but go through functions instead.
--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
