Skip site navigation (1) Skip section navigation (2)

Re: tables permissions once again

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Partyka Robert <bobson(at)saturn(dot)alpha(dot)pl>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: tables permissions once again
Date: 2000-11-03 22:56:13
Message-ID: 8417.973292173@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-hackers
Partyka Robert <bobson(at)saturn(dot)alpha(dot)pl> writes:
> #create table ala(a int4);
> CREATE

> #\z
> Access permissions for database "a"
>  Relation | Access permissions
> ----------+--------------------
>  ala      |
> (1 row)

> #revoke all on ala from public;
> CHANGE
> #\z
> Access permissions for database "a"
>  Relation |  Access permissions
> ----------+-----------------------
>  ala      | {"=","postgres=arwR"}
> (1 row)

> hmmm.... is everything work ok ?

Yup, that's the expected behavior.  Initially the relacl entry for a new
table is NULL, which the system will interpret as default access rights
(namely, world=no rights, owner=all rights).  As soon as you issue a
GRANT or REVOKE, a real ACL gets installed --- which will consist of the
default access rights made explicit and then modified per your GRANT or
REVOKE.  At that point you see something in \z, whereas psql doesn't
show anything in \z for a NULL acl entry.

AFAIK it's always worked like that...

			regards, tom lane

In response to

pgsql-hackers by date

Next:From: Dan MoschukDate: 2000-11-03 22:57:51
Subject: VACUUM causes violent postmaster death
Previous:From: Tom LaneDate: 2000-11-03 22:47:40
Subject: Transaction ID wraparound: problem and proposed solution

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group