Database Reference
In-Depth Information
6
Security
In this chapter, we will cover the following:
F
Revoking user access to a table
F
Granting user access to a table
F
Creating a new user
F
Temporarily preventing a user from connecting
F
Removing a user without dropping their data
F
Checking whether all users have a secure password
F
Giving limited superuser powers to specific users
F
Auditing DDL changes
F
Auditing data changes
F
Integrating with LDAP
F
Connecting using SSL
F
Encrypting sensitive data
Introduction
Databases are mostly used for keeping data, which has several restrictions on how it is used.
Some records or tables can only be seen by certain users, and even for those tables which
are visible to everyone, there can be restrictions on who can use the data, insert new data or
change the existing data. All this is managed by a privilege system, where users are granted
different privileges for different tables or other database objects, such as schemas or functions.
