Re: Is this a security risk?
| От | Adam Witney |
|---|---|
| Тема | Re: Is this a security risk? |
| Дата | |
| Msg-id | 8EBCE14D-7CC8-4EEB-9BB1-FEAB0AAAF6D0@sgul.ac.uk обсуждение исходный текст |
| Ответ на | Re: Is this a security risk? ("Albe Laurenz" <laurenz.albe@wien.gv.at>) |
| Список | pgsql-general |
On 17 Dec 2008, at 14:44, Albe Laurenz wrote: > Adam Witney wrote: >>>> I would like to provide a limited view of my database to some >>>> users, >>>> so i thought of creating a second database (I can control access by >>>> IP >>>> address through pg_hba.conf) with some views that queried the first >>>> database using dblink. >>> >>> In my opinion dblink is not the right tool for that. >>> It will require a user account on the "secret" database through >>> which >>> dblink accesses it. You'd have to restrict permissions for that user >>> if you want to keep the thing secure. >>> >>> So why not access the "secret" database directly with that user and >>> get rid of the added difficulty of dblink? >>> >>> You can rely on the permission system. Just grant the user the >>> appropriate >>> privileges on the necessary objects, and if you need the user to see >>> only part of the data in a table, create a view for that. >> >> thanks for your reply, >> >> The user already has permissions within the 'secret' database, but >> normally they interact with it through a web interface only. I was >> worried that the user could get in and mess around with other things, >> such as the sequences which are used to populate primary keys. >> >> Also ideally I only wanted to create a read only access to certain >> parts of the database, I couldn't think of any other way to do it... >> are there any more standard ways of doing this? > > Yes. > > You grant read access with GRANT SELECT ON table/view TO user. > > It's no less secure than accessing a database as that user via dblink. thanks again for your email. The problem is that the user account already has SELECT/UPDATE/INSERT/ DELETE access on the views, as they need it when accessing the database through the web interface. What i wanted to do is provide a read only access to only some views (this is for a programmatic querying API). By using the second database i could restrict access to this side of it using IP address filtering in the pg_hba.conf file. thanks again adam
В списке pgsql-general по дате отправления: