Everything I have managed to find in the Internet looks like this: postgreSQL.app : create database
So, the first link say we have to create a database for Django like this:
CREATE USER testfor_psl_user WITH password 'pass';
CREATE DATABASE testfor_psl ENCODING 'UTF8' TEMPLATE template0 OWNER testfor_psl_user;
The second one is pretty similar:
CREATE DATABASE myproject;
GRANT ALL PRIVILEGES ON DATABASE myproject TO myprojectuser;
In both cases we can see that all privileges are granted to the user.
Why do they do that? Django uses two privileges: select and insert. Granting all privileges is not safe.
I'm not thinking of making postgres the owner of the database. And granting select and insert privileges to myprojectuser.
Could you comment on this question and share your experience of creating a database. Could you point at a useful link on this matter.
Aucun commentaire:
Enregistrer un commentaire