[ADMIN] Priviliges and Roles
Hello, Is it possible to do the following: Disallow permission to write to a table (either by UPDATE or INSERT) but allow EXECUTE permission on a Function that writes to the table ? The reason I want to do this is so that I can perform certain checks on the data that is being written before I allow it to be written. Cheers DayoJ ---(end of broadcast)--- TIP 2: Don't 'kill -9' the postmaster
Re: [ADMIN] Priviliges and Roles
On Mon, Feb 27, 2006 at 12:09:48PM +, Dayo Johnson wrote: Hello, Is it possible to do the following: Disallow permission to write to a table (either by UPDATE or INSERT) but allow EXECUTE permission on a Function that writes to the table ? The reason I want to do this is so that I can perform certain checks on the data that is being written before I allow it to be written. I'm no expert but check out triggers. That should allow you to whatnot the data and fail/pass the insert or update. See: http://www.postgresql.org/docs/8.1/interactive/triggers.html -- To the extent that we overreact, we proffer the terrorists the greatest tribute. - High Court Judge Michael Kirby ---(end of broadcast)--- TIP 1: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to [EMAIL PROTECTED] so that your message can get through to the mailing list cleanly
Re: [ADMIN] Priviliges and Roles
Hi Dayo, This is how I understand it, but I might be wrong: I believe the user who is has permission to execute the function also needs permissions to perform the table writes. Regards Andy Dayo Johnson <[EMAIL PROTECTED]> wrote: > Hello, > > Is it possible to do the following: > Disallow permission to write to a table (either by UPDATE or INSERT) but > allow EXECUTE permission on a Function that writes to the table ? > > The reason I want to do this is so that I can perform certain checks on > the data that is being written before I allow it to be written. > > Cheers DayoJ > > > ---(end of broadcast)--- > TIP 2: Don't 'kill -9' the postmaster > > !DSPAM:14,4402ee2c160447970214199! > > >
Re: [ADMIN] pgStatTuple
No, I didn't see the README file. Thanks so much for the info, Michael! -Original Message- From: Michael Fuhr [mailto:[EMAIL PROTECTED] Sent: Friday, February 24, 2006 6:13 PM To: Lane Van Ingen Cc: pgsql-admin@postgresql.org Subject: Re: [ADMIN] pgStatTuple On Fri, Feb 24, 2006 at 05:03:58PM -0500, Lane Van Ingen wrote: I want to use pgStatTuple to analyze performance problems when visiting user sites; it is a good tool. I know how to set it up; but I couldn't find an interpretation of what it generates as a result, so I can be sure of interpreting its output correctly and fully. Have you seen README.pgstattuple? Here's an excerpt: table_len -- physical table length in bytes tuple_count -- number of live tuples tuple_len -- total tuples length in bytes tuple_percent -- live tuples in % dead_tuple_len -- total dead tuples length in bytes dead_tuple_percent -- dead tuples in % free_space -- free space in bytes free_percent-- free space in % It can be educational to create a table to play with and watch pgstattuple's output change depending on what you do (insert, update, delete, vacuum, etc.). Can anyone help? May also require definition of 'tuple' when used in a PostgreSQL sense, also. Tuple, row, and record are generally used synonymously; tuple seems to be the more common term in discussions of theory. If that's too broad a generalization then maybe somebody will provide a more precise explanation. -- Michael Fuhr ---(end of broadcast)--- TIP 9: In versions below 8.0, the planner will ignore your desire to choose an index scan if your joining column's datatypes do not match
Re: [ADMIN] Priviliges and Roles
On Mon, Feb 27, 2006 at 12:09:48 +, Dayo Johnson [EMAIL PROTECTED] wrote: Hello, Is it possible to do the following: Disallow permission to write to a table (either by UPDATE or INSERT) but allow EXECUTE permission on a Function that writes to the table ? The reason I want to do this is so that I can perform certain checks on the data that is being written before I allow it to be written. You can use SECURITY DEFINER functions to do this. Those functions run with the access rights of the function creator, rather than the executor. ---(end of broadcast)--- TIP 3: Have you checked our extensive FAQ? http://www.postgresql.org/docs/faq
[ADMIN] Security / Annoucements List
Dear Postgresql friends, I'm curious as to what's the best way to get good notice of security issues and/or new version releases? I'm subscribed to the -announce list, but since the beginning of the year have received at least 10-20 messages through it. Most of these messages appear to be commercial, rather than connected to either a security issue, software release, or other major postgresql item. I have NO complaint with the above, but am curious for folks who desire to receive notices about security / version releases if there is a subset security type list that might just have those announcements? Any good free service recommendations like Secunia (not free)? - August ---(end of broadcast)--- TIP 6: explain analyze is your friend
Re: [ADMIN] Security / Annoucements List
Best thing to do is setup a filter looking for anything from @postgresql.org, since any release or security related issues will be posted from someone with that domain as their address ... On Mon, 27 Feb 2006, August Zajonc wrote: Dear Postgresql friends, I'm curious as to what's the best way to get good notice of security issues and/or new version releases? I'm subscribed to the -announce list, but since the beginning of the year have received at least 10-20 messages through it. Most of these messages appear to be commercial, rather than connected to either a security issue, software release, or other major postgresql item. I have NO complaint with the above, but am curious for folks who desire to receive notices about security / version releases if there is a subset security type list that might just have those announcements? Any good free service recommendations like Secunia (not free)? - August ---(end of broadcast)--- TIP 6: explain analyze is your friend Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email: [EMAIL PROTECTED] Yahoo!: yscrappy ICQ: 7615664 ---(end of broadcast)--- TIP 1: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to [EMAIL PROTECTED] so that your message can get through to the mailing list cleanly
Re: [ADMIN] Security / Annoucements List
Great idea. Thanks! Marc G. Fournier wrote: Best thing to do is setup a filter looking for anything from @postgresql.org, since any release or security related issues will be posted from someone with that domain as their address ... On Mon, 27 Feb 2006, August Zajonc wrote: Dear Postgresql friends, I'm curious as to what's the best way to get good notice of security issues and/or new version releases? I'm subscribed to the -announce list, but since the beginning of the year have received at least 10-20 messages through it. Most of these messages appear to be commercial, rather than connected to either a security issue, software release, or other major postgresql item. I have NO complaint with the above, but am curious for folks who desire to receive notices about security / version releases if there is a subset security type list that might just have those announcements? Any good free service recommendations like Secunia (not free)? - August ---(end of broadcast)--- TIP 6: explain analyze is your friend Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email: [EMAIL PROTECTED] Yahoo!: yscrappy ICQ: 7615664 ---(end of broadcast)--- TIP 9: In versions below 8.0, the planner will ignore your desire to choose an index scan if your joining column's datatypes do not match
