Re: Who should own database?
| От | petrov.boris.v@mail.ru |
|---|---|
| Тема | Re: Who should own database? |
| Дата | |
| Msg-id | 54DA51B1.5000506@mail.ru обсуждение исходный текст |
| Ответ на | Re: Who should own database? (Daniel Staal <DStaal@usa.net>) |
| Список | pgsql-novice |
On 10.02.2015 18:34, Daniel Staal wrote: > boris_developer be the owner, as php_script sounds like a web interface, > and it's usually best not to give web interfaces any permission they don't > absolutely *need* You kind of confirming the way I am doing it most of the time. Web is limited to minimum permissions it particularly uses and the owner is human user. > Or the owner should be a specific account set up just to be the owner That option also come to mind, and seems logical. Thank you for considerations. On 10.02.2015 18:55, David G Johnston wrote: > Maybe a bit of over engineering initially but it's worth considering. > Slightly simpler is to make the owner role a login role. In either > case client application users should never be able to get owner > permissions. Making LOGIN-less group-role an owner looks complicated to me at least for now (not even sure I get it completely), but definitely worth considering. Thank you for sharing.
В списке pgsql-novice по дате отправления: