--- On Mon, 30/11/09, Thom Brown <thombr...@gmail.com> wrote: > As far as I am aware, there is no way to tell when a > user/role was granted permissions or had permissions > revoked, or who made these changes. I'm wondering if > it would be useful for security auditing to maintain a > history of permissions changes only accessible to > superusers?
I'd have thought you could keep track of this in the logs by setting log_statement >= ddl ? I'm pretty sure this is a feature that's not wanted, but the ability to add triggers to these sorts of events would surely make more sense than a specific auditing capability. -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
