Schema security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I have a schema for example called f65, and the public schema of course, in a database.

I've created a user f65 to access only the f65 schema using the following:

CREATE ROLE f65 LOGIN
  ENCRYPTED PASSWORD 'md52a630d68054defeed4b4c27cb6413ece'
  NOSUPERUSER NOINHERIT NOCREATEDB NOCREATEROLE;
REVOKE ALL ON SCHEMA public FROM public;
REVOKE ALL ON SCHEMA f65 FROM public;
GRANT ALL ON SCHEMA f65 TO f65;

Which gives the f65 user access to the schema, but they cannot access any of the objects within it (i.e. permission denied when trying a select from a table)

testdb=>  select * from f65.billing;
ERROR:  permission denied for relation billing

I would have thought giving the user all privileges on a schema would by default add them to all objects within it, but clearly not. Do I need to explicitly go through every object within the schema and grant that user access to them or is there an easier way of doing it? Something like a "GRANT CASCADE" option?

Cheers,
P.

--
Paul Lambert
Database Administrator
AutoLedgers


---------------------------(end of broadcast)---------------------------
TIP 9: In versions below 8.0, the planner will ignore your desire to
      choose an index scan if your joining column's datatypes do not
      match

[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux