Barry Brown wrote:
> >> The docs say that initially only the owner of a database may use the
> >> objects
> >> created in it. But I have found that ANY user can work with any
> >> object by
> >> default, even in the template1 database.
> >
> > Uh, where did you see that in the docs?
>
> First paragraph of section 17.4 (Privileges):
>
> "When a database object is created, it is assigned an owner. .... By
> default, only an owner (or a superuser) can do anything with the
> object. In order to allow other users to use it, privileges must be
> granted."
>
> To me, that paragraphs says that only the owner of a database can do
> anything with it and all other privileges must be explicitly granted to
> others.
Yea, that is confusing. When they say "database object", the don't mean
database, but object created in the database, like a table or view.
I modified the text to not mention "database":
When an object is created, it is assigned an owner. The
--
Bruce Momjian | http://candle.pha.pa.us
pgman@candle.pha.pa.us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073