On Sun, Jun 30, 2013 at 05:45:47PM -0700, David Johnston wrote: > So PostgreSQL is only useful, for shared hosting, when the only permissible > access is via vendor-supplied resources (APIs, administrators, etc...)?
No, of course not, especially in light of recent improvements. But any finely-grained permissions system is a pain to use. (E.g.: WindowsNT from the very beginning had the excellent granularity that users of VMS were used to, but it was hard to manage, just like it was in VMS. In Windows-land, this meant endless compromises because of people doing things as Administrator; that wasn't a condemnation of the ACL system, which really was very good. But as a practical security system, it turned out to be weak because of usability.) If you want "easy", then just give different databases per user. If you want complicated, you need an administrator; yes, that needs to be in some sense under the control of the host. We have roughly 40 years of experience with these things, and the evidence is that "comprehensive but easy" is either badly insecure or very hard to operate well. Which trade do you want to make? Best, A -- Andrew Sullivan a...@crankycanuck.ca -- Sent via pgsql-general mailing list (pgsql-general@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
