Обсуждение: Catalog permissions
I have to allow one user to use my Postgres installation in one schema of several. We are preparing an phpPGAdmin installation to give an remote access to this schema.
The phpPDAdmin is showing the entire catalog to this user and allowing access only in the schema that I gave permissions to him.
How do I do to this user can see only the schema that he has access, not the entire catalog.
Is it possible?
Thanks,
Bruno
____________________________________________________________________________
Aviso de confidencialidade.
Esta mensagem da Empresa Brasileira de Pesquisa Agropecuária (Embrapa), empresa pùblica federal regida pelo disposto na Lei Federal no. 5.851, de 7 de dezembro de 1972, é enviada exclusivamente a seu destinatário e pode conter informações confidenciais, protegidas por sigilo profissional. Sua utilização desautorizada é ilegal e sujeita o infrator às penas da lei. Se você a recebeu indevidamente, queira, por gentileza, reenviá-la ao emitente, esclarecendo o equívoco.
Confidentiality note
This message from Empresa Brasileira de Pesquisa Agropecuária (Embrapa), a government company established under Brazilian law (5.851/72), is directed exclusively to its addressee and may contain confidential data, protected under professional secrecy rules. Its unauthorized use is illegal and may subject the transgressor to the law's penalties. If you are not the addressee, please send it back, elucidating the failure.
> Hi, > > I have to allow one user to use my Postgres installation in one schema of > several. We are preparing an phpPGAdmin installation to give an remote > access to this schema. > The phpPDAdmin is showing the entire catalog to this user and allowing > access only in the schema that I gave permissions to him. > How do I do to this user can see only the schema that he has access, not > the entire catalog. > Is it possible? Use: GRANT usage on schema zzz to uuu; Alter user uuu set default_transaction_read_only = on; GRANT select on all tables in schema zzz to uuu; Saludos, Gilberto Castillo ETECSA, La Habana, Cuba --- This message was processed by Kaspersky Mail Gateway 5.6.28/RELEASE running at host imx3.etecsa.cu Visit our web-site: <http://www.kaspersky.com>, <http://www.viruslist.com>
The problem still the same.
The user is allowed to see the entire installation catalog, all databases, all schemas, etc. Of course, he is allowed to see data only in the schema that I gave this permission.
The ideia is to be shoed to him only the datbase end schema that he has permission.
I applied the command "Alter user myuser set default_transaction_read_only = on;" to this user . The others were already set.
Saludos,
Bruno
Para: "BRUNO CESAR BERNARDES" <bruno.bernardes@embrapa.br>
Cc: pgsql-admin@postgresql.org
Enviadas: Terça-feira, 31 de março de 2015 12:59:11
Assunto: Re: [ADMIN] Catalog permissions
> Hi,
>
> I have to allow one user to use my Postgres installation in one schema of
> several. We are preparing an phpPGAdmin installation to give an remote
> access to this schema.
> The phpPDAdmin is showing the entire catalog to this user and allowing
> access only in the schema that I gave permissions to him.
> How do I do to this user can see only the schema that he has access, not
> the entire catalog.
> Is it possible?
Use:
GRANT usage on schema zzz to uuu;
Alter user uuu set default_transaction_read_only = on;
GRANT select on all tables in schema zzz to uuu;
Saludos,
Gilberto Castillo
ETECSA, La Habana, Cuba
---
This message was processed by Kaspersky Mail Gateway 5.6.28/RELEASE running at host imx3.etecsa.cu
Visit our web-site: <http://www.kaspersky.com>, <http://www.viruslist.com>
--
Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin
-
________________ ____________________________________________________________
Aviso de confidencialidade.
Esta mensagem da Empresa Brasileira de Pesq uisa Agropecuária (Embrapa), empresa pùblica federal regi da pelo disposto na Lei Federal no. 5.851, de 7 de dezembro de 1972, & eacute; enviada exclusivamente a seu destinatário e pode conter i nformações confidenciais, protegidas por sigilo profissional . Sua utilização desautorizada é ilegal e sujeita o infrator às penas da lei. Se você a recebeu indevidamente, queira, por gentileza, reenviá-la ao emitente, esclarecendo o equ&i acute;voco.
Confidentiality note
This message from Empresa Brasileira de Pesquisa Agropecuária (Embrapa), a govern ment company established under Brazilian law (5.851/72), is directed ex clusively to its addressee and may contain confidential data, protected under professional secrecy rules. Its unauthorized use is illegal and may subject the transgressor to the law's penalties. If you are not the a ddressee, please send it back, elucidating the failure.
Thanks Gilberto,
The problem still the same.
The user is allowed to see the entire installation catalog, all databases, all schemas, etc. Of course, he is allowed to see data only in the schema that I gave this permission.
The ideia is to be shoed to him only the datbase end schema that he has permission.
I applied the command "Alter user myuser set default_transaction_read_only = on;" to this user . The others were already set.
Saludos,
BrunoDe: "Gilberto Castillo" <gilberto.castillo@etecsa.cu>
Para: "BRUNO CESAR BERNARDES" <bruno.bernardes@embrapa.br>
Cc: pgsql-admin@postgresql.org
Enviadas: Terça-feira, 31 de março de 2015 12:59:11
Assunto: Re: [ADMIN] Catalog permissions---
> Hi,
>
> I have to allow one user to use my Postgres installation in one schema of
> several. We are preparing an phpPGAdmin installation to give an remote
> access to this schema.
> The phpPDAdmin is showing the entire catalog to this user and allowing
> access only in the schema that I gave permissions to him.
> How do I do to this user can see only the schema that he has access, not
> the entire catalog.
> Is it possible?
Use:
GRANT usage on schema zzz to uuu;
Alter user uuu set default_transaction_read_only = on;
GRANT select on all tables in schema zzz to uuu;
Saludos,
Gilberto Castillo
ETECSA, La Habana, Cuba
This message was processed by Kaspersky Mail Gateway 5.6.28/RELEASE running at host imx3.etecsa.cu
Visit our web-site: <http://www.kaspersky.com>, <http://www.viruslist.com>
--
Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin
-
________________ ____________________________________________________________
Aviso de confidencialidade.
Esta mensagem da Empresa Brasileira de Pesq uisa Agropecuária (Embrapa), empresa pùblica federal regi da pelo disposto na Lei Federal no. 5.851, de 7 de dezembro de 1972, & eacute; enviada exclusivamente a seu destinatário e pode conter i nformações confidenciais, protegidas por sigilo profissional . Sua utilização desautorizada é ilegal e sujeita o infrator às penas da lei. Se você a recebeu indevidamente, queira, por gentileza, reenviá-la ao emitente, esclarecendo o equ&i acute;voco.
Confidentiality note
This message from Empresa Brasileira de Pesquisa Agropecuária (Embrapa), a govern ment company established under Brazilian law (5.851/72), is directed ex clusively to its addressee and may contain confidential data, protected under professional secrecy rules. Its unauthorized use is illegal and may subject the transgressor to the law's penalties. If you are not the a ddressee, please send it back, elucidating the failure.
2015-03-31 16:44 GMT-03:00 BRUNO CESAR BERNARDES <bruno.bernardes@embrapa.br>:Thanks Gilberto,
The problem still the same.
The user is allowed to see the entire installation catalog, all databases, all schemas, etc. Of course, he is allowed to see data only in the schema that I gave this permission.
The ideia is to be shoed to him only the datbase end schema that he has permission.
I applied the command "Alter user myuser set default_transaction_read_only = on;" to this user . The others were already set.
Saludos,
BrunoDe: "Gilberto Castillo" <gilberto.castillo@etecsa.cu>
Para: "BRUNO CESAR BERNARDES" <bruno.bernardes@embrapa.br>
Cc: pgsql-admin@postgresql.org
Enviadas: Terça-feira, 31 de março de 2015 12:59:11
Assunto: Re: [ADMIN] Catalog permissions---
> Hi,
>
> I have to allow one user to use my Postgres installation in one schema of
> several. We are preparing an phpPGAdmin installation to give an remote
> access to this schema.
> The phpPDAdmin is showing the entire catalog to this user and allowing
> access only in the schema that I gave permissions to him.
> How do I do to this user can see only the schema that he has access, not
> the entire catalog.
> Is it possible?
Use:
GRANT usage on schema zzz to uuu;
Alter user uuu set default_transaction_read_only = on;
GRANT select on all tables in schema zzz to uuu;
Saludos,
Gilberto Castillo
ETECSA, La Habana, Cuba
This message was processed by Kaspersky Mail Gateway 5.6.28/RELEASE running at host imx3.etecsa.cu
Visit our web-site: <http://www.kaspersky.com>, <http://www.viruslist.com>
--
Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin
-
________________ ____________________________________________________________
Aviso de confidencialidade.
Esta mensagem da Empresa Brasileira de Pesq uisa Agropecuária (Embrapa), empresa pùblica federal regi da pelo disposto na Lei Federal no. 5.851, de 7 de dezembro de 1972, & eacute; enviada exclusivamente a seu destinatário e pode conter i nformações confidenciais, protegidas por sigilo profissional . Sua utilização desautorizada é ilegal e sujeita o infrator às penas da lei. Se você a recebeu indevidamente, queira, por gentileza, reenviá-la ao emitente, esclarecendo o equ&i acute;voco.
Confidentiality note
This message from Empresa Brasileira de Pesquisa Agropecuária (Embrapa), a govern ment company established under Brazilian law (5.851/72), is directed ex clusively to its addressee and may contain confidential data, protected under professional secrecy rules. Its unauthorized use is illegal and may subject the transgressor to the law's penalties. If you are not the a ddressee, please send it back, elucidating the failure.Olá Bruno,Is this what you are looking for?Link: http://stackoverflow.com/questions/12663639/how-to-hide-databases-that-i-am-not-allowed-to-access
--
No. I am not using PgAdmin3, I am using PgPHPAdmin and I could not find a similar option on it.
To solve my problem the best thing would be restrict the Postgres catalog to the objects that the user has permission.
Best regards,
Para: "BRUNO CESAR BERNARDES" <bruno.bernardes@embrapa.br>
Cc: "gilberto castillo" <gilberto.castillo@etecsa.cu>, pgsql-admin@postgresql.org
Enviadas: Terça-feira, 31 de março de 2015 16:53:29
Assunto: Re: [ADMIN] Catalog permissions
Thanks Gilberto,
The problem still the same.
The user is allowed to see the entire installation catalog, all databases, all schemas, etc. Of course, he is allowed to see data only in the schema that I gave this permission.
The ideia is to be shoed to him only the datbase end schema that he has permission.
I applied the command "Alter user myuser set default_transaction_read_only = on;" to this user . The others were already set.
Saludos,
BrunoDe: "Gilberto Castillo" <gilberto.castillo@etecsa.cu>
Para: "BRUNO CESAR BERNARDES" <bruno.bernardes@embrapa.br>
Cc: pgsql-admin@postgresql.org
Enviadas: Terça-feira, 31 de março de 2015 12:59:11
Assunto: Re: [ADMIN] Catalog permissions---
> Hi,
>
> I have to allow one user to use my Postgres installation in one schema of
> several. We are preparing an phpPGAdmin installation to give an remote
> access to this schema.
> The phpPDAdmin is showing the entire catalog to this user and allowing
> access only in the schema that I gave permissions to him.
> How do I do to this user can see only the schema that he has access, not
> the entire catalog.
> Is it possible?
Use:
GRANT usage on schema zzz to uuu;
Alter user uuu set default_transaction_read_only = on;
GRANT select on all tables in schema zzz to uuu;
Saludos,
Gilberto Castillo
ETECSA, La Habana, Cuba
This message was processed by Kaspersky Mail Gateway 5.6.28/RELEASE running at host imx3.etecsa.cu
Visit our web-site: <http://www.kaspersky.com>, <http://www.viruslist.com>
--
Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin
-
________________ ____________________________________________________________
Aviso de confidencialidade.
Esta mensagem da Empresa Brasileira de Pesq uisa Agropecuária (Embrapa), empresa pùblica federal regi da pelo disposto na Lei Federal no. 5.851, de 7 de dezembro de 1972, & eacute; enviada exclusivamente a seu destinatário e pode conter i nformações confidenciais, protegidas por sigilo profissional . Sua utilização desautorizada é ilegal e sujeita o infrator às penas da lei. Se você a recebeu indevidamente, queira, por gentileza, reenviá-la ao emitente, esclarecendo o equ&i acute;voco.
Confidentiality note
This message from Empresa Brasileira de Pesquisa Agropecuária (Embrapa), a govern ment company established under Brazilian law (5.851/72), is directed ex clusively to its addressee and may contain confidential data, protected under professional secrecy rules. Its unauthorized use is illegal and may subject the transgressor to the law's penalties. If you are not the a ddressee, please send it back, elucidating the failure.
--
Coordenadoria de Gestão de Infraestrutura
Departamento de Tecnologia da Informação (DTI)
Empresa Brasileira de Pesquisa Agropecuária (Embrapa)
Brasília/DF
bruno.bernardes@embrapa.br
Telefone: +55 (61) 3448-1637 | Fax: +55 (61) 3448-4313
www.embrapa.br | twitter.com/embrapa
Confira também: www.facebook.com/agrosustentavel
________________ ____________________________________________________________
Aviso de confidencialidade.
Esta mensagem da Empresa Brasileira de Pesq uisa Agropecuária (Embrapa), empresa pùblica federal regi da pelo disposto na Lei Federal no. 5.851, de 7 de dezembro de 1972, & eacute; enviada exclusivamente a seu destinatário e pode conter i nformações confidenciais, protegidas por sigilo profissional . Sua utilização desautorizada é ilegal e sujeita o infrator às penas da lei. Se você a recebeu indevidamente, queira, por gentileza, reenviá-la ao emitente, esclarecendo o equ&i acute;voco.
Confidentiality note
This message from Empresa Brasileira de Pesquisa Agropecuária (Embrapa), a govern ment company established under Brazilian law (5.851/72), is directed ex clusively to its addressee and may contain confidential data, protected under professional secrecy rules. Its unauthorized use is illegal and may subject the transgressor to the law's penalties. If you are not the a ddressee, please send it back, elucidating the failure.
No. I am not using PgAdmin3, I am using PgPHPAdmin and I could not find a similar option on it.
To solve my problem the best thing would be restrict the Postgres catalog to the objects that the user has permission.
Saludos,
Bruno
Para: "BRUNO CESAR BERNARDES" <bruno.bernardes@embrapa.br>
Cc: pgsql-admin@postgresql.org
Enviadas: Terça-feira, 31 de março de 2015 12:59:11
Assunto: Re: [ADMIN] Catalog permissions
> Hi,
>
> I have to allow one user to use my Postgres installation in one schema of
> several. We are preparing an phpPGAdmin installation to give an remote
> access to this schema.
> The phpPDAdmin is showing the entire catalog to this user and allowing
> access only in the schema that I gave permissions to him.
> How do I do to this user can see only the schema that he has access, not
> the entire catalog.
> Is it possible?
Use:
GRANT usage on schema zzz to uuu;
Alter user uuu set default_transaction_read_only = on;
GRANT select on all tables in schema zzz to uuu;
Saludos,
Gilberto Castillo
ETECSA, La Habana, Cuba
---
This message was processed by Kaspersky Mail Gateway 5.6.28/RELEASE running at host imx3.etecsa.cu
Visit our web-site: <http://www.kaspersky.com>, <http://www.viruslist.com>
--
Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin
--
Coordenadoria de Gestão de Infraestrutura
Departamento de Tecnologia da Informação (DTI)
Empresa Brasileira de Pesquisa Agropecuária (Embrapa)
Brasília/DF
bruno.bernardes@embrapa.br
Telefone: +55 (61) 3448-1637 | Fax: +55 (61) 3448-4313
www.embrapa.br | twitter.com/embrapa
Confira também: www.facebook.com/agrosustentavel
________________ ____________________________________________________________
Aviso de confidencialidade.
Esta mensagem da Empresa Brasileira de Pesq uisa Agropecuária (Embrapa), empresa pùblica federal regi da pelo disposto na Lei Federal no. 5.851, de 7 de dezembro de 1972, & eacute; enviada exclusivamente a seu destinatário e pode conter i nformações confidenciais, protegidas por sigilo profissional . Sua utilização desautorizada é ilegal e sujeita o infrator às penas da lei. Se você a recebeu indevidamente, queira, por gentileza, reenviá-la ao emitente, esclarecendo o equ&i acute;voco.
Confidentiality note
This message from Empresa Brasileira de Pesquisa Agropecuária (Embrapa), a govern ment company established under Brazilian law (5.851/72), is directed ex clusively to its addressee and may contain confidential data, protected under professional secrecy rules. Its unauthorized use is illegal and may subject the transgressor to the law's penalties. If you are not the a ddressee, please send it back, elucidating the failure.
> Dear Gilberto, > > No. I am not using PgAdmin3, I am using PgPHPAdmin and I could not find a > similar option on it. > To solve my problem the best thing would be restrict the Postgres catalog > to the objects that the user has permission. Or give permissions read only. That's what that passed through my lines. > ----- Mensagem original ----- > > De: "Gilberto Castillo" <gilberto.castillo@etecsa.cu> > Para: "BRUNO CESAR BERNARDES" <bruno.bernardes@embrapa.br> > Cc: pgsql-admin@postgresql.org > Enviadas: Terça-feira, 31 de março de 2015 12:59:11 > Assunto: Re: [ADMIN] Catalog permissions > > > >> Hi, >> >> I have to allow one user to use my Postgres installation in one schema >> of >> several. We are preparing an phpPGAdmin installation to give an remote >> access to this schema. >> The phpPDAdmin is showing the entire catalog to this user and allowing >> access only in the schema that I gave permissions to him. >> How do I do to this user can see only the schema that he has access, not >> the entire catalog. >> Is it possible? > > Use: > > GRANT usage on schema zzz to uuu; > Alter user uuu set default_transaction_read_only = on; > GRANT select on all tables in schema zzz to uuu; > > > Saludos, > Gilberto Castillo > ETECSA, La Habana, Cuba > > --- > This message was processed by Kaspersky Mail Gateway 5.6.28/RELEASE > running at host imx3.etecsa.cu > Visit our web-site: <http://www.kaspersky.com>, <http://www.viruslist.com> > > > -- > Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org) > To make changes to your subscription: > http://www.postgresql.org/mailpref/pgsql-admin > > > > -- > > Bruno César Bernardes, Analista > Coordenadoria de Gestão de Infraestrutura > Departamento de Tecnologia da Informação (DTI) > Empresa Brasileira de Pesquisa Agropecuária (Embrapa) > Brasília/DF > > bruno.bernardes@embrapa.br > Telefone: +55 (61) 3448-1637 | Fax: +55 (61) 3448-4313 > www.embrapa.br | twitter.com/embrapa > Confira também: www.facebook.com/agrosustentavel > > > > > ____________________________________________________________________________ > Aviso de confidencialidade > > Esta mensagem da Empresa Brasileira de Pesquisa Agropecuaria (Embrapa), > empresa publica federal regida pelo disposto na Lei Federal no. 5.851, > de > 7 de dezembro de 1972, e enviada exclusivamente a seu destinatario e > pode > conter informacoes confidenciais, protegidas por sigilo profissional. > Sua > utilizacao desautorizada e ilegal e sujeita o infrator as penas da lei. > Se > voce a recebeu indevidamente, queira, por gentileza, reenvia-la ao > emitente, > esclarecendo o equivoco. > > Confidentiality note > > This message from Empresa Brasileira de Pesquisa Agropecuaria > (Embrapa), a > government company established under Brazilian law (5.851/72), is > directed > exclusively to its addressee and may contain confidential data, > protected > under professional secrecy rules. Its unauthorized use is illegal and > may > subject the transgressor to the law's penalties. If you are not the > addressee, > please send it back, elucidating the failure. > > > > --- > This message was processed by Kaspersky Mail Gateway 5.6.28/RELEASE > running at host imx2.etecsa.cu > Visit our web-site: <http://www.kaspersky.com>, <http://www.viruslist.com> > Saludos, Gilberto Castillo ETECSA, La Habana, Cuba --- This message was processed by Kaspersky Mail Gateway 5.6.28/RELEASE running at host imx3.etecsa.cu Visit our web-site: <http://www.kaspersky.com>, <http://www.viruslist.com>