In response to "dfx" <dfx@xxxxxx>: > Dear Sirs, > > I would like to rent a my application to a number of customer, each with a > dedicated database (and perhaps a dedicated username). > > The database will be installed on 'public IP' machine and will be accessed > by internet on standard port 5432 and using ODBC driver from several clients > (whith the client part of the procedure installed on each machine). > > My questions are: > > It is possible to configure the security policy so that the simple users > (the customer, in this case) can only read, write, update end delete data to > the dedicated database AND NOTHING ELSE, particularly: > > - I would like to create each database with a different (customer) username > (only one per database, in addition to the standard user postgres) > - The user (customer): > ---- cannot change his own username and the password > ---- cannot backup the database > ---- cannot read (the text of) the stored procedures, but execute only > ---- cannot know the 'existence' of the other databases A lot of these aren't supported (the "existence" thing, in particular) If you really need to prevent users from knowing about each other, you'll probably be better off using a virtual machine infrastructure to give each client a dedicated DB system. FreeBSD jails are particularly useful for this because of how lightweight they are. -- Bill Moran http://www.potentialtech.com http://people.collaborativefusion.com/~wmoran/ - Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
