thank you _SO_ much. I'm not sure how I overlooked that, but it is far easier to manage using connect. I'm assuming that even if tables have public privileges granted, that they are not visible to people not granted connect privileges to the database?
Thanks, Isaac On Fri, May 22, 2009 at 12:31 PM, Tom Lane <t...@sss.pgh.pa.us> wrote: > Isaac Dover <isaacdo...@gmail.com> writes: > >> As far as i can tell, > >> pg_hba.conf is the only manner in which to prevent users from connecting > to > >> other users' databases. I've restricted roles to connecting only using > >> sameuser: > >> > >> host sameuser all 192.168.168.0/24 md5 > > In recent releases (certainly 8.3) the better approach is probably to > use CONNECT privilege to grant or deny access. However that does have > some drawbacks if you intend to let users create their own databases > --- they have to remember to set the privileges properly on new DBs. > > regards, tom lane >
