Users, Groups and Database Permissions

Each user is given a login and a password they must use to gain access to the database. It is good form to change your password occasionally.[18]

The database can grant specific users various levels of access to specific tables, although such access is not common as it is difficult to administer and maintain such a fine grained degree of control. For further information see the PostgreSQL documentation on Database Users and Privileges.

Rather than maintain database access privileges on a per-user basis it is more convenient to place users in groups and then grant these groups different levels of database access.

Babase contains the following groups:

The babase_readers group

The members of this group have read access to Babase data and cannot add, delete, or otherwise alter any of the data.

The babase_editors group

The members of this group have unlimited rights to the Babase data. They may add data, delete data, or alter existing data. They may not, however, alter the structure of the babase database or change the rules to which the data are required to conform. Thus, they may not add or delete tables, alter triggers, or write or replace stored procedures.

[18] That way if you unknowingly revealed your password to the terrorists last weekend when you were drunk, by the time everybody sobers up the password will have been changed and the amount of damage done is limited.

Page generated: 2023-11-28T17:35:47-05:00.