Re: Revoke Public Database Connect
| От | Lacey L. Powers |
|---|---|
| Тема | Re: Revoke Public Database Connect |
| Дата | |
| Msg-id | 4DE03619.1060503@gmail.com обсуждение исходный текст |
| Ответ на | Re: Revoke Public Database Connect (Francisco Leovey <fleovey@yahoo.com>) |
| Список | pgsql-novice |
Hello Alan, You can also be very careful with your pg_hba.conf settings, and only allow certain users connections: http://www.postgresql.org/docs/current/interactive/auth-pg-hba-conf.html Also, you can create the database with CONNECTION LIMIT 0, and only superusers will be allowed to connect to it. http://www.postgresql.org/docs/current/static/sql-createdatabase.html You could then load the data, and change the connection limit, after you've appropriately loaded the data. Hope that helps. =) Regards, Lacey > That is a ridiculous "nanosecond window" - the database you created is empty - nothing to connect to. Just load data AFTERthe revoke. > > --- On Fri, 5/27/11, Alan Gutierrez<alan@prettyrobots.com> wrote: > > > From: Alan Gutierrez<alan@prettyrobots.com> > Subject: [NOVICE] Revoke Public Database Connect > To: pgsql-novice@postgresql.org > Date: Friday, May 27, 2011, 2:55 PM > > > I'm configuring a multi-tenant PostgreSQL server. When I create a new database, anyone can connect to it. For me, thatis bad. > > I run: > > REVOKE CONNECT ON DATABASE d FROM public; > > Now I'm only able to connect to the database as postgres. > > I tired putting the create and revoke in a transaction, but create database cannot be put in a transaction. How do I createa database so there is not that nanosecond window where someone could connect to the database publiclly? > > -- > Alan Gutierrez - http://twitter.com/bigeasy - http://github.com/bigeasy > > -- Sent via pgsql-novice mailing list (pgsql-novice@postgresql.org) > To make changes to your subscription: > http://www.postgresql.org/mailpref/pgsql-novice >
В списке pgsql-novice по дате отправления: