Quick Links

'revoke create on database' doesn't work as expected

From:	Arnout Engelen <pgsql(at)bzzt(dot)net>
To:	pgsql-general(at)postgresql(dot)org
Subject:	'revoke create on database' doesn't work as expected
Date:	2002-12-21 01:13:42
Message-ID:	20021221011342.GA15706@mintzer.sci.kun.nl
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-general

Hi,

I'm having a bit of trouble using the 'revoke on database' feature
of postgresql 7.3. I've installed postgresql for the first time 2
days ago, so excuse me if I'm doing something stupid here ;)

Suppose I want to deny the user 'arnouten' the privilege of
creating tables in the database 'leenmarkt'. Logged in as 'postgres',
I so:

leenmarkt=# revoke create on database leenmarkt from public;
REVOKE
leenmarkt=# revoke create on database leenmarkt from arnouten;
REVOKE
leenmarkt=# revoke all on database leenmarkt from arnouten;
REVOKE
leenmarkt=# revoke all on database leenmarkt from public;
REVOKE

Now the datacl-field in pg_database is set to
'{=,postgres=CT,leenmarkt=CT}' for the database 'leenmarkt'.

arnouten is not superuser:

The database is owned by postgres:

but still, when I log in as 'arnouten', I can create tables
in the leenmarkt database... Anyone a clue as to what I might
be doing wrong here?

I appreciate your remarks,

Regards,

--
Arnout Engelen <pgsql(at)bzzt(dot)net>

"If it sounds good, it /is/ good."
-- Duke Ellington

Responses

Re: 'revoke create on database' doesn't work as expected at 2002-12-21 01:21:55 from Tom Lane

Browse pgsql-general by date

	From	Date	Subject
Next Message	Tom Lane	2002-12-21 01:21:55	Re: 'revoke create on database' doesn't work as expected
Previous Message	Tom Lane	2002-12-21 01:13:32	Re: table schema causes crash