| From: | Richard Huxton <dev(at)archonet(dot)com> |
|---|---|
| To: | "Henriksen, Jonas F" <jonas(dot)f(dot)henriksen(at)imr(dot)no> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: about permissions... |
| Date: | 2004-10-13 09:37:16 |
| Message-ID: | 416CF74C.3030308@archonet.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Henriksen, Jonas F wrote:
> Hi,
>
> how come, if you create a user with no permissions at all, having
> been granted nothing, he can still log into any database, list
> available tables, create new here, and then delete them again. Seems
> odd...:
> Is this right, or is there something wrong with my settings in some
> way?
Schema public has default access to group public, which your new user
has access to...
richardh=# GRANT ALL ON SCHEMA public TO richardh;
GRANT
richardh=# SELECT * FROM pg_namespace ;
nspname | nspowner | nspacl
-------------+----------+-------------------
public | 1 | {=UC,richardh=UC}
...
richardh=# REVOKE ALL ON SCHEMA public FROM GROUP public;
REVOKE
richardh=# SELECT * FROM pg_namespace ;
nspname | nspowner | nspacl
-------------+----------+-----------------
public | 1 | {=,richardh=UC}
...
*DO* make sure that one user has explict access before revoking all on
public though.
--
Richard Huxton
Archonet Ltd
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Patrick Fiche | 2004-10-13 09:50:39 | psql : how to make it more silent.... |
| Previous Message | Bruce Momjian | 2004-10-13 09:36:53 | Re: [GENERAL] Reusable pl/pgsql samples ? |