Home > mailing lists

Re: No PUBLIC access by default? - Mailing list pgsql-general

From	Alvaro Herrera
Subject	Re: No PUBLIC access by default?
Date	August 11, 2005 19:33:02
Msg-id	20050811193316.GC24670@alvh.no-ip.org Whole thread Raw
In response to	No PUBLIC access by default? (Peter Fein <pfein@pobox.com>)
Responses	Re: No PUBLIC access by default? (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-general

Tree view

On Thu, Aug 11, 2005 at 12:28:44PM -0500, Peter Fein wrote:

> Is there any way to disable PUBLIC access by default?  When I create a
> new object (table, function, etc.), it has no ACL, as expected.
> However, the first time I run:
>
> GRANT ALL ON FUNCTION foo() to GROUP developers;
>
> Postgress seems to do:
>
> GRANT ALL ON FUNCTION foo() to PUBLIC;

Actually, that last grant is implicit.  When an ACL is found to be null,
it's considered to have a grant to public.  So what you should actually
do is revoke those implicit permissions at object creation time.

--
Alvaro Herrera (<alvherre[a]alvh.no-ip.org>)
"Investigación es lo que hago cuando no sé lo que estoy haciendo"
(Wernher von Braun)

pgsql-general by date:

From: Michael Fuhr
Date: 11 August 2005, 19:17:03
Subject: Re: new Perl Server-Side Language in 8.0

From: Shane
Date: 11 August 2005, 19:33:31
Subject: Re: Index not being used unless enable_seqscan=false

Re: No PUBLIC access by default? - Mailing list pgsql-general

Previous

Next