Re: [HACKERS] QGIS Seem To Bypass PostgreSQL/PostGIS User Privileges/Permissions

Hi John, Thanks for your response. From my experience as a Software Developer, I don't think QGIS can logon to my database/schema/table with a dedicated user as they need authentication to do so. What you described about using a dedicated user in applications is only possible because that user

Re: [HACKERS] QGIS Seem To Bypass PostgreSQL/PostGIS User Privileges/Permissions

Hi all, 2017-03-17 17:09 GMT+01:00 John Scalia : > While I do not know QGIS, I'm wondering if it's similar to some of our > applications where they always use the same system login for the database > while each user provides a unique login to the application. Have you

Re: [HACKERS] QGIS Seem To Bypass PostgreSQL/PostGIS User Privileges/Permissions

While I do not know QGIS, I'm wondering if it's similar to some of our applications where they always use the same system login for the database while each user provides a unique login to the application. Have you ever set log_connections in your postgresql.conf file? That would show you which

Re: [HACKERS] QGIS Seem To Bypass PostgreSQL/PostGIS User Privileges/Permissions

Hi Giuseppe, Thanks for the response. I have provided the GRANTS and other PostgreSQL setup scripts below as it includes what you have suggested: ROLE - CREATE ROLE WITH NOLOGIN NOSUPERUSER INHERIT NOCREATEDB NOCREATEROLE NOREPLICATION; USER -- CREATE USER WITH PASSWORD ''

Re: [HACKERS] QGIS Seem To Bypass PostgreSQL/PostGIS User Privileges/Permissions

Hi Osahon, 2017-03-17 15:54 GMT+01:00 Osahon Oduware : > Hi All, > > I created a "Read-only" User in PostgreSQL via a Role with "SELECT" ONLY > privilege on all tables in a schema as shown below: > > GRANT SELECT ON ALL TABLES IN SCHEMA [schema_name] TO [role_name] >