Re: Restoring default privileges on objects

Erik Wienhold <ewie(at)ewie(dot)name> writes:
> On 29/08/2023 03:23 CEST Stuart McGraw <smcgraw(at)mtneva(dot)com> wrote:
>> If I've done a GRANT or REVOKE on some of the tables, how do I restore
>> the default privileges so that the “Access privileges” appears empty
>> again? I re-granted what I think are the default privileges but the
>> "Access privileges" column for that table contains "user1=arwdDxt/user1"
>> rather than being blank. This is Postgresql-14.

> Yes, "user1=arwdDxt/user1" matches the default privileges if user1 is the table
> owner.

Right. There is no (supported) way to cause the ACL entry to go back
to null. It starts life that way as an ancient hack to save a step
during object creation. But the moment you do anything to the object's
privileges, the NULL is replaced by an explicit representation of the
default privileges, which is then modified per whatever command you
are giving. After that the privileges will always be explicit.

There's been occasional discussion of changing this behavior, but
it'd take work and it'd likely add about as much surprise as it
removes. People have been used to this quirk for a long time.

regards, tom lane