Zlatko Matić wrote:
Hi. I know that superusers are allowed to do everything on the
database, but I consider this as dangerous. I want to have some user
group with rights of creating new users and giving them some
authorizations, but without such wide power as superusers have. So, I
was thinking about two possible scenarios: a) to allow regular users
to create new users b) to restrict superuser's permissions
What is possible and what do you suggest ?
Neither is possible directly. (B) means they're not a superuser and (A)
means they are. You could create a function marked "SECURITY DEFINER" as
a super-user and have that function create users on behalf of regular
users though.
--
Richard Huxton
Archonet Ltd
---------------------------(end of broadcast)---------------------------
TIP 2: you can get off all lists at once with the unregister command
(send "unregister YourEmailAddressHere" to majordomo@xxxxxxxxxxxxxx)
