Re: Preventing changes to default settings of a collective account?

Collective user accounts are all well & good so long as everyone using
it understands that you don't change stuff.  If you've got a user who is
adamant that they have to have a specific password, etc...  Then your
only recourse is to create them their own user account. I've done that.
It's a bit painful, but a lot less than having the collective/generic
access account messed with.  Therefore I agree wholeheartedly with Tom.

-----Original Message-----
From: Tom Lane [mailto:tgl@sss.pgh.pa.us]
Sent: Thursday, February 24, 2005 10:46 AM
To: Alex Gutman
Cc: pgsql-admin@postgresql.org
Subject: Re: [ADMIN] Preventing changes to default settings of a
collective account?

Alex Gutman <agutman@emc.com> writes:
> (The NOCREATEUSER option used when creating the collective user does
> prevent it from changing its own password via
> ALTER USER guest WITH ... PASSWORD ...

You think so?

This approach is doomed to failure --- the system sees no reason not to
allow a user to change his own configuration, including his password.

> Is there any way I could achieve my goal?

Use more than one username.

            regards, tom lane

---------------------------(end of broadcast)---------------------------
TIP 7: don't forget to increase your free space map settings