| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Partyka Robert <bobson(at)saturn(dot)alpha(dot)pl> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: tables permissions once again |
| Date: | 2000-11-03 22:56:13 |
| Message-ID: | 8417.973292173@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Partyka Robert <bobson(at)saturn(dot)alpha(dot)pl> writes:
> #create table ala(a int4);
> CREATE
> #\z
> Access permissions for database "a"
> Relation | Access permissions
> ----------+--------------------
> ala |
> (1 row)
> #revoke all on ala from public;
> CHANGE
> #\z
> Access permissions for database "a"
> Relation | Access permissions
> ----------+-----------------------
> ala | {"=","postgres=arwR"}
> (1 row)
> hmmm.... is everything work ok ?
Yup, that's the expected behavior. Initially the relacl entry for a new
table is NULL, which the system will interpret as default access rights
(namely, world=no rights, owner=all rights). As soon as you issue a
GRANT or REVOKE, a real ACL gets installed --- which will consist of the
default access rights made explicit and then modified per your GRANT or
REVOKE. At that point you see something in \z, whereas psql doesn't
show anything in \z for a NULL acl entry.
AFAIK it's always worked like that...
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dan Moschuk | 2000-11-03 22:57:51 | VACUUM causes violent postmaster death |
| Previous Message | Tom Lane | 2000-11-03 22:47:40 | Transaction ID wraparound: problem and proposed solution |