Hi,

PostgreSQL server 7.4.2
psqlODBC driver: 7.03.02.00

I created a database user in a postgresql cluster. I granted that user
SELECT permission to a few views. I created a DSN for that user to
connect to postgreSQL from a Windows PC. When I use the DSN in MS Access
to link to the views, the Link Tables list includes many tables and
views that the user has no permission to access. Is this a defect in the
ODBC driver? Is there a work around for this?

Thanks,
Rich Harris

---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to majordomo@postgresql.org

Harris, Richard wrote:

>Hi,
>
>PostgreSQL server 7.4.2
>psqlODBC driver: 7.03.02.00
>
>I created a database user in a postgresql cluster. I granted that user
>SELECT permission to a few views. I created a DSN for that user to
>connect to postgreSQL from a Windows PC. When I use the DSN in MS Access
>to link to the views, the Link Tables list includes many tables and
>views that the user has no permission to access. Is this a defect in the
>ODBC driver? Is there a work around for this?
>
>
As far as security models are concerned, a driver should never impose
the security policy. The reason for that is very simple - bypassing the
driver will give you access to things you thought were secure. A driver
should give the user the maximal power available to her. If Postgresql
allows a user to get a list of views that the user has no permission to
access, then it's the driver's job to give this list.

If you think this security consideration is wrong, the place to complain
about that is pgsql-hackers or pgsql-users. There is nothing ODBC can do
about this.

>Thanks,
>Rich Harris
>
>
Shachar

--
Shachar Shemesh
Lingnu Open Source Consulting ltd.
Have you backed up today's work? http://www.lingnu.com/backup.html


---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster