[Dbconfig-common-devel] Re: RFC: common database policy/infrastracture
Karsten Hilbert
Karsten.Hilbert@gmx.net
Wed, 22 Dec 2004 09:44:49 +0100
> >a) our applications don't use that user
> >b) the user only has create-database and create-user which
> > means it can create new databases and delete databases
> > owned by itself, same with users: create new ones and
> > delete those created by itself
> >c) the user does not have administrative access to other
> > databases
> >d) in fact, that user does not have "administrative" access at
> > all in that that would be something generic, it only has
> > the added rights to manage "it's" databases/users
> I would acll this user: application-database-manager. This user does not
> really interact with the database when the application is running but just
> cares for the health of the database itself. It plays the role of postgres
> user for this very special database. Thus it needs similar rights as
> the postgres user but only in respect of this certain data base.
That is correct. It does not, however, have all the rights of
a postgres superuser.
Karsten
--
GPG key ID E4071346 @ wwwkeys.pgp.net
E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346