Untangling the Web of PostgreSQL Permissions

Wednesday, October 23 at 16:20–17:10
Room: Olympia

Users, roles, and permissions in PostgreSQL - it sounds like a snoozefest, right? Wrong. This dull topic is a minefield of disasters waiting to happen. One wrong GRANT and suddenly your intern has DROP privileges on your production database. Oops.

In this talk, we'll navigate the treacherous waters of PostgreSQL's security model. We'll start with the basics - what's the difference between a user and a role anyway? (Spoiler: nothing, but don't tell anyone I told you that.) Then we'll dive into the nitty-gritty of permissions, from the obvious (SELECT, INSERT) to the obscure (TRUNCATE, anyone?).

But wait, there's more! We'll explore the dark art of role inheritance, where permissions spread like a virus through your database. You'll learn how to create a permissions structure that anyone can understand. You'll also learn to audit your setup without going insane.

By the end of this session, you'll have the tools to secure your PostgreSQL instance well. It will be tighter than Fort Knox. At least, it will be tight enough that your CEO can't accidentally delete the entire customer table. Whether you're a newbie or a seasoned DBA, you'll walk away with practical tips to make your database security less of a headache and more of a... well, slightly smaller headache.

Back

Join Us For PostgreSQL Conference Europe 2024

October 22–25 2024

Divani Caravel Hotel, Athens, Greece