作者
digoal
日期
2020-03-24
标签
PostgreSQL , acl , set_user
背景
详细用法:
https://github.com/pgaudit/set_user
PostgreSQL extension allowing privilege escalation with enhanced logging and control
Block ALTER SYSTEM commands
- set_user.block_alter_system = on
Block COPY PROGRAM commands
- set_user.block_copy_program = on
Block SET log_statement commands
- set_user.block_log_statement = on
Allow list of roles to escalate to superuser
- set_user.superuser_whitelist = '
Allowed list of roles that can be switched to (not used in set_user_u)
- set_user.nosuperuser_target_whitelist = '
解决细粒度安全控制需求
PostgreSQL 许愿链接
您的愿望将传达给PG kernel hacker、数据库厂商等, 帮助提高数据库产品质量和功能, 说不定下一个PG版本就有您提出的功能点. 针对非常好的提议,奖励限量版PG文化衫、纪念品、贴纸、PG热门书籍等,奖品丰富,快来许愿。开不开森.
9.9元购买3个月阿里云RDS PostgreSQL实例
PostgreSQL 解决方案集合
德哥 / digoal's github - 公益是一辈子的事.
