Search Postgresql Archives

Re: How to Prevent Certain Kinds of Joins?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

One of the tables contains personally identifiable information (PII) (e.g., email, first and last name, etc.). The other contains "click stream" data (information about where on our website users have gone). In order to be sensitive to users privacy, we don't want to ever (even accidentally) run queries that would combine PII and click stream data. So we're looking for ways to put "walls" up against combining the data. We understand that anyone with ample access to the database can deliberately combine the data if they chose to do so in blatent violation of our policies. But we want to set something up that would put an obstacle or two in the path of anyone who might accidentally run such a query.

The ideas about setting up views might work. I guess we'd just have to change the permissions of users who have access to the db so that they can only use the views and not query the tables directly.

Michael Fuhr wrote: 
On Tue, Feb 22, 2005 at 02:51:09PM -0500, Heather Johnson wrote:


Is there a way to revoke permission to join two or more tables, even for users who have all other permissions (e.g., select, insert, update, delete) on those tables? 


For what purpose?  If this were possible, then users could still
do joins on the client side if they had access to all the data.
Are you just trying to prevent potentially large queries?  What
problem are you trying to solve?


---------------------------(end of broadcast)---------------------------
TIP 8: explain analyze is your friend
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux