| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | bdmytrak(at)eranet(dot)pl |
| Cc: | pgsql-bugs(at)postgresql(dot)org |
| Subject: | Re: BUG #6421: Revoke column level privilage |
| Date: | 2012-01-31 02:03:12 |
| Message-ID: | 22793.1327975392@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
bdmytrak(at)eranet(dot)pl writes:
> Cannot revoke column level privilages.
AFAICS this is not a bug, and it's certainly not specific to
column-level privileges. You had "postgres" grant some privileges to
"otherUser" with grant option, and then had "otherUser" re-grant those
privileges to public. "postgres" cannot revoke the re-grant directly.
You can have it revoke "otherUser"'s grant option. (I think this will
require the CASCADE keyword if there are dependent privileges that
have to be revoked in consequence.) Or you can log in as "otherUser"
and revoke the privilege grants made by that role. This is per design
and AFAIK it's per the SQL standard's requirements.
There's a lot of fine print in the Notes sections of the GRANT and
REVOKE reference pages, which you might find helpful.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2012-01-31 02:21:42 | Re: BUG #6420: Incorrect description of Postgres time system |
| Previous Message | bdmytrak | 2012-01-30 22:35:05 | BUG #6421: Revoke column level privilage |