Marc Munro <marc(at)bloodnok(dot)com> writes:
> It seems that in order to create an object in a given schema, I must
> have been granted create privilege on the schema. But in order to drop
> that object I require usage privilege.
> This means that with the right privilege settings I can create objects
> that I cannot subsequently drop, or can drop an object that I cannot
> recreate.
Yeah. So? You can get similar effects with read-only or write-only
directories in Unix filesystems. Don't see why you find this surprising.
regards, tom lane