Re: Permissions

Andre Labuschagne wrote:
> Encryption is meaningless if the super user can control the encrypting.  What is required is the
> following: the super user grants a user the rights to create a database and all objects within the
> database.  The super user simply grants the user that right.  The super user has zero access to what
> that user creates unless that user explicitly grants the super user those rights.  That is called
> security.  That is what I am trying to achieve with PG.  I was hoping that it is possible to do such a
> thing.  That is what Mimer, Sybase and Interbase [and perhaps others I am yet to encounter] do as a
> matter of course.  It as necessary for the security of a database as wheels are to a car.

If you need exactly that feature, you are probably happier with a different database
system, because PostgreSQL doesn't have it and probably never will.

Most people would argue that this is no hard security, it only makes the attack
more complicated.  As a database superuser I can access files on the file system
in any database I ever heard of, thus I can read the files containing the tables,
thus I can figure out what is in them.

Yours,
Laurenz Albe