Home > mailing lists

Re: about permissions... - Mailing list pgsql-general

From	Richard Huxton
Subject	Re: about permissions...
Date	October 13, 2004 13:37:24
Msg-id	416CF74C.3030308@archonet.com Whole thread Raw
In response to	about permissions... ("Henriksen, Jonas F" <jonas.f.henriksen@imr.no>)
List	pgsql-general

Tree view

Henriksen, Jonas F wrote:
> Hi,
>
> how come, if you create a user with no permissions at all, having
> been granted nothing, he can still log into any database, list
> available tables, create new here, and then delete them again. Seems
> odd...:

> Is this right, or is there something wrong with my settings in some
> way?

Schema public has default access to group public, which your new user
has access to...

richardh=# GRANT ALL ON SCHEMA public TO richardh;
GRANT
richardh=# SELECT * FROM pg_namespace ;
    nspname   | nspowner |      nspacl
-------------+----------+-------------------
  public      |        1 | {=UC,richardh=UC}
...

richardh=# REVOKE ALL ON SCHEMA public FROM GROUP public;
REVOKE
richardh=# SELECT * FROM pg_namespace ;
    nspname   | nspowner |     nspacl
-------------+----------+-----------------
  public      |        1 | {=,richardh=UC}
...

*DO* make sure that one user has explict access before revoking all on
public though.

--
   Richard Huxton
   Archonet Ltd

pgsql-general by date:

From: Tino Wildenhain
Date: 13 October 2004, 13:09:09
Subject: Re: adding two tables

From: "Patrick Fiche"
Date: 13 October 2004, 13:52:47
Subject: psql : how to make it more silent....

Re: about permissions... - Mailing list pgsql-general

Previous

Next