Hi,
Thanks for your help... I had problem with the user's permissions because I
created the users using the shell scripts:
createuser -a login -P
and users created in that way have all the privileges. The man page no makes
references to this. -a, --adduser Allows the new user to create other users.
Thanks.
Tom Lane wrote:
>
> noy <noyda@isoco.com> writes:
> > However, any user can make a select or update in the table "accounts".
>
> Surely not.
>
> test71=# select version();
> version
> ------------------------------------------------------------------
> PostgreSQL 7.1.3 on hppa2.0-hp-hpux10.20, compiled by GCC 2.95.3
> (1 row)
>
> test71=# create user foo;
> CREATE USER
> test71=# create user bar;
> CREATE USER
> test71=# \c - foo
> You are now connected as new user foo.
> test71=> create table accounts (f1 int);
> CREATE
> test71=> insert into accounts values(1);
> INSERT 1587112 1
> test71=> revoke all on accounts from public;
> CHANGE
> test71=> \z accounts
> Access privileges for database "test71"
> Table | Access privileges
> ----------+-------------------
> accounts | {"=","foo=arwR"}
> (1 row)
>
> test71=> select * from accounts;
> f1
> ----
> 1
> (1 row)
>
> test71=> \c - bar
> You are now connected as new user bar.
> test71=> select * from accounts;
> ERROR: accounts: Permission denied.
> test71=> update accounts set f1 = 2;
> ERROR: accounts: Permission denied.
> test71=>
>
> Perhaps your "any user" is actually a superuser?
>
> regards, tom lane
