Re: CREATE DATABASE WITH OWNER '??';

On Tue, 9 May 2000, Peter Eisentraut wrote:

> Tom Lane writes:
> 
> > Rather than the separate pw files, maybe pg_shadow needs some kind of
> > provision for database-specific passwords ...
> 
> Perhaps the issue is not so much having different passwords for each
> database. I don't think this is necessarily a priority. (I think it would
> be rather confusing that there would be one user and many passwords.)
> 
> The issue is that you can't say "Do password authentication, but only for
> these users". It forces you to make separate password files. Perhaps we
> could extend the syntax similar to this
> 
> | host    all    127.0.0.1    255.255.255.255    passwd    &user1,user2,user3
> 
> to mean "do password authentication using the pg_shadow passwords, but
> only for the named users". (`&' would be some special character to
> distinguish a list of users from a password file name.)

why can't we extend the whole 'grant table' syntax to a 'grant database'
one also?  as I see it, the owner of a database should be able to
grant/refuse connections to his database without having to go through the
DBA, which the above requires ...

Marc G. Fournier                   ICQ#7615664               IRC Nick: Scrappy
Systems Administrator @ hub.org 
primary: scrappy@hub.org           secondary: scrappy@{freebsd|postgresql}.org