From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | "Jan-Peter Seifert" <Jan-Peter(dot)Seifert(at)gmx(dot)de> |
Cc: | pgsql-admin(at)postgresql(dot)org |
Subject: | Re: information_schema.role_table_grants differs from relacl |
Date: | 2010-09-15 16:29:42 |
Message-ID: | 8016.1284568182@sss.pgh.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-admin |
"Jan-Peter Seifert" <Jan-Peter(dot)Seifert(at)gmx(dot)de> writes:
> there seems to be a difference between information_schema and pg_catalog when it comes to privileges.
> pg_class and pgAdmin III show ACL = arwdDxt
> pgAdmin III displays this as:
> GRANT ALL ON TABLE blabla.tabelle TO benutzer;
> However, information_schema.role_table_grants has is_grantable = YES for every privilege_type on this view for the user in question.
> The user is owner of the view and also superuser.
> So my question is: is is_grantable not the same as 'WITH GRANT OPTION'?
An object's owner always has all grant options. By convention, this
isn't explicitly represented in the acl array; rather it's hard-wired
into the backend code behavior. There is some info about how to read
acl values in the Notes section of the GRANT reference page.
regards, tom lane
From | Date | Subject | |
---|---|---|---|
Next Message | Mark Rostron | 2010-09-15 18:15:47 | can you change pg_hba.conf and restart the listener on the fly? |
Previous Message | Jan-Peter Seifert | 2010-09-15 15:55:50 | information_schema.role_table_grants differs from relacl |