[Dbconfig-common-devel] Re: RFC: common database policy/infrastracture

[Karsten Hilbert]

> >a) our applications don't use that user
> >b) the user only has create-database and create-user which
> >  means it can create new databases and delete databases
> >  owned by itself, same with users: create new ones and
> >  delete those created by itself
> >c) the user does not have administrative access to other
> >  databases
> >d) in fact, that user does not have "administrative" access at
> >  all in that that would be something generic, it only has
> >  the added rights to manage "it's" databases/users
> I would acll this user: application-database-manager.  This user does not
> really interact with the database when the application is running but just
> cares for the health of the database itself.  It plays the role of postgres
> user for this very special database.  Thus it needs similar rights as
> the postgres user but only in respect of this certain data base.
That is correct. It does not, however, have all the rights of
a postgres superuser.

Karsten
-- 
GPG key ID E4071346 @ wwwkeys.pgp.net
E167 67FD A291 2BEA 73BD  4537 78B9 A9F9 E407 1346