Skip site navigation (1) Skip section navigation (2)

Re: select only user

From: "Milen A(dot) Radev" <milen(at)radev(dot)net>
To: pgsql-admin(at)postgresql(dot)org
Subject: Re: select only user
Date: 2008-01-17 15:24:02
Message-ID: fmnrui$6pq$1@ger.gmane.org (view raw or flat)
Thread:
Lists: pgsql-admin
Milen A. Radev написа:
> Jessica Richard написа:
>> I created a user and granted only "select" to this user so that  this 
>> user can only select the tables on a production system. But by 
>> default, this user can also CREATE TABLE successfully....
>>
>> How can I revoke this "create table" privilege (and possible others) 
>> and limit this user to only the permissions granted by me?
>>
> 
> Revoke the "create" privilege on the "public" schema (or any other 
> schema you've created) from 'public' (that's special "role"). Also 
> revoke the "create" privilege on the database(s) in question from the 
> same special role 'public' to prevent creation of new schemas.
> 
> More here - http://www.postgresql.org/docs/current/static/sql-grant.html.

Almost forgot - there is another way if the role in question would be 
read-only:

ALTER USER username SET default_transaction_read_only to true;

(http://archives.postgresql.org/pgsql-admin/2007-10/msg00101.php)




-- 
Milen A. Radev


In response to

Responses

pgsql-admin by date

Next:From: Jerome BlomartDate: 2008-01-17 17:43:27
Subject: pgsql and net-snmp
Previous:From: Milen A. RadevDate: 2008-01-17 15:15:30
Subject: Re: select only user

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group