开发者

Are users commonly implemented as Roles with the ability to login?

开发者 https://www.devze.com 2023-01-12 09:25 出处:网络
In recent versions of PostgreSQL users are implemented as roles that can login. Is this common in an RBAC implementations, that a user is just another role with the ability to login (or similar)? Some
相关专题:postgresqlrbacrolessecurity

In recent versions of PostgreSQL users are implemented as roles that can login. Is this common in an RBAC implementations, that a user is just another role with the ability to login (or similar)? Some of what I've read so far doesn't suggest that... but开发者_StackOverflow社区 maybe I've misread or just not read the right thing.

In particular what i understand in your question is the differences and relation between RBAC and create user command in postgresql, As you may know PostgreSQL manages database access permissions using the concept of roles. This role can be database user, or a group of database users, depending on how the role is set up.

As referred here Roles can own database objects (for example, tables) and can assign privileges on those objects to other roles to control who has access to which objects.

Furthermore, it is emphasized that CREATE USER is an alias for CREATE ROLE, which see for more information. The only difference is that when the command is spelled CREATE USER, LOGIN is assumed by default, whereas NOLOGIN is assumed when the command is spelled CREATE ROLE. (mentioned in postgresql manuel)

The concept of roles subsumes the concepts of "users" and "groups". In PostgreSQL versions before 8.1, users and groups were distinct kinds of entities, but now there are only roles. Any role can act as a user, a group, or both.

And RBAC is a access control, there can be a relation with databases however it is used for any kind of "stuff" access in an PC or large networks similar to other access control (MAC DAC), A database management system, in its access control mechanism, can also apply other access control mechanisms. In this case, the objects are tables, views, procedures, etc. You can read details from wikipedia

Finally, All relational DBMS provide some sort of intrinsic security mechanisms designed to minimize threats. If it fits for your database application you can benefit from CREATE USER or CREATE ROLE commands to reduce security risk, that's why these commands exists.

0

上一篇:

:下一篇

更多 问答 相关资讯:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

关注公众号

热门标签

图文推荐

Delphi - Custom drawing a message list

Delphi - Custom drawing a message list
C++ header-only include pattern

C++ header-only include pattern
IE7 Margin Collapses Into Padding

IE7 Margin Collapses Into Padding
in CoffeeScript, how can I use a variable as a key in a hash?

in CoffeeScript, how can I use a variable as a key in a hash?
Interactive visualization of a graph in python [closed]

Interactive visualization of a graph in python [closed]
How to customise PHP MYSQL tables?

How to customise PHP MYSQL tables?
High quality, simple random password generator

High quality, simple random password generator
Image Recognition ApI in android

Image Recognition ApI in android

开发者开发者网给大家分享系统运维,大数据运维,云计算,编程开发技巧,路由交换,运维和开发相关的资讯及技术文章,同时StackOverflow中文社区,知识经验交流分享。

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,如存在版权或非法内容,欢迎举报,我们将尽快予以删除。邮箱:devze@qq.com

Copyright © 2018-2020 开发者. All rights reserved. Powered by 开发者ICP备案号: 京ICP备10032868号-9