CSN <cool_screen_name90001@xxxxxxxxx> writes: > I'm using plphpu and I'd like to allow the regular > database user to use it, but since it's "untrusted" it > requires users to be superusers. If I have to do this, > I don't want the user to be a superuser for all > databases. Is it possible to grant superuser status to > a user for a specific database? Exactly how would you prevent him from converting that into global access? Especially if you're going to give him use of an untrusted language? He could easily rewrite any configuration file you might think is going to lock him out of your other databases. > (The function uses mail(), so IIRC that necessitates > using plphpu). Sending mail from a database function (or doing anything else that involves external side-effects) is generally A Bad Idea, for reasons that have been covered many times in the list archives. regards, tom lane ---------------------------(end of broadcast)--------------------------- TIP 6: explain analyze is your friend
