Jim Mercer <[EMAIL PROTECTED]> writes: > as best i can understand, there is no way to get apach/php/pgsql configured > (using "PostgreSQL's native access mappings") that would disallow php code > in one virtual host from connecting to any database on the system.
Betraying my ignorance of PHP here: what does a server supporting multiple virtual hosts look like from the database's end? Can we tell the difference at all between connections initiated on behalf of one virtual host from those initiated on behalf of another? If we can tell 'em apart (for instance, if they differ in apparent client IP address) then it'd make sense to put enforcement on the database side. If we can't tell 'em apart, then we need some help from the PHP interface code so that we can tell 'em apart. Proceeding on the assumption that we do need some help ... > this patch adds the config variable pgsql.allowed_dblist > by default it has no value, meaning all databases are accessible > it can contain a colon delimited list of databases that are accessible. Seems like this hard-wires a rather narrow view of what sorts of protection restrictions you need. Might I suggest instead that an appropriate config variable would be a list of Postgres user ids that the virtual host is allowed to connect as? Then the database's usual protection mechanisms could be used to allow/disallow connection to particular databases, if that's what you want. But this does more: it lets different virtual hosts connect to the same database as different users, and then access within that DB can be controlled using the regular Postgres access-control mechanisms. Essentially, the idea here is to ensure that the DB can tell virtual hosts apart as different users. regards, tom lane ---------------------------(end of broadcast)--------------------------- TIP 6: Have you searched our list archives? http://archives.postgresql.org