

Re: How to create a new Table in postgresql from a: msg#00003

Subject: Re: How to create a new Table in postgresql from a
On Mon, 16 Aug 2004 19:41:17 -0500 "Todd Lewis" <lewis-todd@xxxxxxxxxxx> sat
down, thought long and then wrote:

> Just a followup question.
> 
> I'm fairly new to using PHP and pg. Security wise how could I limit a request
> such as this? I'm assuming that if you have given a PHP user the ability to
> create tables, the user also has the ability to truncate and delete tables as
> well. 
> 

A database user has not much in common with a PHP user (or a UNIX- or other
system user). The tables will be created with the database user you have
connected with (if you use authentication other than trust or ident, see
pg_hba.conf for details).

So if you create tables within PHP, you create them as the connecting database
user, and of course the creator may destroy them as well.

But if you have a database, in which the tables are owned by user A and you
connect with user B, user B may create tables owned by himself, but usually may
not drop tables owned by user A, if he has not explicitly been granted so.

What I do is: I have a database, in which all tables are owned by user A (a
superuser) and user B (the PHP connecting user) has the right to read, write,
update the tables, so he can work with them. But user B is not able to drop a
table of user A. User B, however, is allowed to create and drop his own tables,
if he likes. 

If you connect every PHP user as a different database user, no database user is
able (if not explicitly granted) to drop other users' tables. If not granted so,
he is not even able to touch them (he could see their existence, however).

Regards,
-- 
Frank Finner

Memory follows memory, memory defeats memory; some things are banished
only into the realms of our rich imaginings  -  but this does not mean
that they do not or cannot or will not exist - they exist! They exist!
                              (M. Moorcock, "The Revenge Of The Rose")
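
The owner/connecting-user split described in the message above, as an added example that is not part of the original post. The role, schema and table names (`app_owner`, `php_app`, `app`, `scratch`, `customers`) and the password are hypothetical placeholders; run it as a superuser in a scratch database on a current PostgreSQL release.

```sql
-- Constructed example: all role, schema and table names are hypothetical.
-- "User A" owns the tables; "user B" is the role the PHP code connects as.
CREATE ROLE app_owner NOLOGIN;
CREATE ROLE php_app LOGIN PASSWORD 'change-me';   -- placeholder password

CREATE SCHEMA app AUTHORIZATION app_owner;        -- A's tables live here
CREATE SCHEMA scratch AUTHORIZATION php_app;      -- B may create/drop here

-- Create the table as A so that A, not B, is its owner.
SET ROLE app_owner;
CREATE TABLE app.customers (
    id   serial PRIMARY KEY,
    name text NOT NULL
);
RESET ROLE;

-- B may read, write and update, but gets no DELETE or TRUNCATE
-- and never becomes the owner.
GRANT USAGE ON SCHEMA app TO php_app;
GRANT SELECT, INSERT, UPDATE ON app.customers TO php_app;
GRANT USAGE ON SEQUENCE app.customers_id_seq TO php_app;  -- needed for serial

-- Audit: list exactly what B holds on A's table.
SELECT privilege_type
FROM information_schema.role_table_grants
WHERE grantee = 'php_app'
  AND table_schema = 'app'
  AND table_name = 'customers'
ORDER BY privilege_type;

-- Check the boundary while acting as B.
SET ROLE php_app;
INSERT INTO app.customers (name) VALUES ('constructed row');

DO $$
BEGIN
    DROP TABLE app.customers;   -- B is not the owner of this table
    RAISE EXCEPTION 'php_app was able to drop app.customers';
EXCEPTION WHEN insufficient_privilege THEN
    RAISE NOTICE 'DROP refused: php_app does not own app.customers';
END $$;

-- B's own tables remain his to create and drop.
CREATE TABLE scratch.tmp (x int);
DROP TABLE scratch.tmp;
RESET ROLE;
```

The audit query is the one to rerun after schema changes: any `DELETE` or `TRUNCATE` row for the connecting role means the web application can empty a table even though it cannot drop it.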
