Re: BUG #6421: Revoke column level privilage - Mailing list pgsql-bugs

From Tom Lane
Subject Re: BUG #6421: Revoke column level privilage
Date
Msg-id 22793.1327975392@sss.pgh.pa.us
Whole thread Raw
In response to BUG #6421: Revoke column level privilage  (bdmytrak@eranet.pl)
List pgsql-bugs
bdmytrak@eranet.pl writes:
> Cannot revoke column level privilages.

AFAICS this is not a bug, and it's certainly not specific to
column-level privileges.  You had "postgres" grant some privileges to
"otherUser" with grant option, and then had "otherUser" re-grant those
privileges to public.  "postgres" cannot revoke the re-grant directly.
You can have it revoke "otherUser"'s grant option.  (I think this will
require the CASCADE keyword if there are dependent privileges that
have to be revoked in consequence.)  Or you can log in as "otherUser"
and revoke the privilege grants made by that role.  This is per design
and AFAIK it's per the SQL standard's requirements.

There's a lot of fine print in the Notes sections of the GRANT and
REVOKE reference pages, which you might find helpful.

            regards, tom lane

pgsql-bugs by date:

Previous
From: Bridget Frey
Date:
Subject: Re: BUG #6200: standby bad memory allocations on SELECT
Next
From: Tom Lane
Date:
Subject: Re: BUG #6420: Incorrect description of Postgres time system