Excerpts from Robert Haas's message of mié jun 29 13:42:34 -0400 2011:
> > How about this?
> >
> > Some types of objects deny all privileges to PUBLIC by default. These
> > are tables, columns, schemas and tablespaces. For other types, the
> > default privileges granted to PUBLIC are as follows: CONNECT privilege
> > and TEMP table creation privilege for databases; EXECUTE privilege for
> > functions; and USAGE privilege for languages. The object owner can,
> > of course, revoke both default and expressly granted privileges.
>
> Or, since I find the use of the word "deny" a bit unclear:
>
> When a table, column, schema, or tablespace is created, no privileges
> are granted to PUBLIC. But for other objects, some privileges will be
> granted to PUBLIC automatically at the time the object is created:
> CONNECT privilege and TEMP table creation privilege for database, ...
> <etc., the rest as you have it>
Hmm, I like David's suggestion better, but I agree with you that "deny"
isn't the right verb there. I have no better suggestions at moment
though.
--
Álvaro Herrera <alvherre@commandprompt.com>
The PostgreSQL Company - Command Prompt, Inc.
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
