[HACKERS] "default deny" for roles

David Fetter Tue, 28 Aug 2012 10:28:53 -0700

Folks,

There are situations where a "default deny" policy is the best fit.


To that end, I have a modest proposal:

    REVOKE PUBLIC FROM role;

Thenceforth, the role in question would only have access to things it
was specifically granted.

What say?

Cheers,
David.
-- 
David Fetter <da...@fetter.org> http://fetter.org/
Phone: +1 415 235 3778  AIM: dfetter666  Yahoo!: dfetter
Skype: davidfetter      XMPP: david.fet...@gmail.com
iCal: webcal://www.tripit.com/feed/ical/people/david74/tripit.ics

Remember to vote!
Consider donating to Postgres: http://www.postgresql.org/about/donate


-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

[HACKERS] "default deny" for roles

Reply via email to