Excerpts from Robert Haas's message of mié jun 29 13:42:34 -0400 2011:
> > How about this?
> > Some types of objects deny all privileges to PUBLIC by default. These
> > are tables, columns, schemas and tablespaces. For other types, the
> > default privileges granted to PUBLIC are as follows: CONNECT privilege
> > and TEMP table creation privilege for databases; EXECUTE privilege for
> > functions; and USAGE privilege for languages. The object owner can,
> > of course, revoke both default and expressly granted privileges.
> Or, since I find the use of the word "deny" a bit unclear:
> When a table, column, schema, or tablespace is created, no privileges
> are granted to PUBLIC. But for other objects, some privileges will be
> granted to PUBLIC automatically at the time the object is created:
> CONNECT privilege and TEMP table creation privilege for database, ...
> <etc., the rest as you have it>
Hmm, I like David's suggestion better, but I agree with you that "deny"
isn't the right verb there. I have no better suggestions at moment
Álvaro Herrera <alvherre(at)commandprompt(dot)com>
The PostgreSQL Company - Command Prompt, Inc.
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
In response to
pgsql-hackers by date
|Next:||From: Alvaro Herrera||Date: 2011-06-29 20:59:57|
|Subject: Re: Re: starting to review the Extend NOT NULL representation to pg_constraint patch|
|Previous:||From: Florian Pflug||Date: 2011-06-29 20:48:40|
|Subject: Re: Patch Review: Bugfix for XPATH() if text or attribute nodes are selected|