Milen A. Radev написа:
> Jessica Richard написа:
>> I created a user and granted only "select" to this user so that this
>> user can only select the tables on a production system. But by
>> default, this user can also CREATE TABLE successfully....
>> How can I revoke this "create table" privilege (and possible others)
>> and limit this user to only the permissions granted by me?
> Revoke the "create" privilege on the "public" schema (or any other
> schema you've created) from 'public' (that's special "role"). Also
> revoke the "create" privilege on the database(s) in question from the
> same special role 'public' to prevent creation of new schemas.
> More here - http://www.postgresql.org/docs/current/static/sql-grant.html.
Almost forgot - there is another way if the role in question would be
ALTER USER username SET default_transaction_read_only to true;
Milen A. Radev
In response to
pgsql-admin by date
|Next:||From: Jerome Blomart||Date: 2008-01-17 17:43:27|
|Subject: pgsql and net-snmp|
|Previous:||From: Milen A. Radev||Date: 2008-01-17 15:15:30|
|Subject: Re: select only user|