Andreas wrote:
I'd like to have a view only to be used by certain users.
The tables are public.
Can this only be done by restricting access to the tables?
GRANT/REVOKE works on views
revoke all on aview from public;
grant select on aview to user1;
As Raymond pointed out, if user2 knows what the definition of aview is,
they can just run it against the raw tables.
e.g.
create view aview as select * from pg_proc;
revoke all on aview from public;
grant select on aview to user1;
set session authorization user2;
select * from aview; -- fails
select * from pg_proc; -- works and gives the same result
klint.
--
Klint Gore
Database Manager
Sheep CRC
A.G.B.U.
University of New England
Armidale NSW 2350
Ph: 02 6773 3789
Fax: 02 6773 3266
EMail: kgore4@xxxxxxxxxx
--
Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
