diff --git a/doc/src/sgml/ref/grant.sgml b/doc/src/sgml/ref/grant.sgml
index fb81af4..73f88e0 100644
--- a/doc/src/sgml/ref/grant.sgml
+++ b/doc/src/sgml/ref/grant.sgml
@@ -429,11 +429,27 @@ GRANT role_name [, ...] TO
- A user may perform SELECT>, INSERT>, etc. on a
- column if he holds that privilege for either the specific column or
- its whole table. Granting the privilege at the table level and then
- revoking it for one column will not do what you might wish: the
- table-level grant is unaffected by a column-level operation.
+ Permission granted at any level of the
+ database>.>schema>.>table>.>column>
+ object hierarchy grants permission to all contained objects.
+ E.g. a user may perform SELECT>, INSERT>,
+ etc. on a column if he holds that privilege for either the
+ specific column or its whole table. Granting the privilege at the
+ table level and then revoking it for one column will not do what
+ you might wish: the table-level grant is unaffected by a
+ column-level operation. Granting a privilege to some columns of a
+ table and denying the privilege to the table's other columns is
+ done in the same way as regards all other hierarchically organized
+ database objects (e.g. granting a privilege to some tables in a
+ schema and denying the privilege to the schema's other tables):
+ deny privilege to the protected columns, to their table, their
+ schema, and their database; grant privilege to the permitted
+ columns. As described above,
+ permissions granted to the roles assigned a user are likewise
+ entirely additive. Permissions throughout
+ PostgreSQL combine in this uniform
+ fashion.