Tom Lane írta:
> Zoltan Boszormenyi <zb@cybertec.at> writes:
>
>> I have "trust" entries in pg_hba.conf because my machine is closed.
>> I added some PG users, and one of them was used in:
>>
>
>
>> REVOKE CONNECT ON DATABASE zozo FROM hs;
>>
>
>
>> However, user "hs" can happily connect to database "zozo"
>> despite the REVOKE.
>>
>
> Unless you had previously done a specific GRANT CONNECT TO hs,
> the above command doesn't do a darn thing. The privilege that
> actually exists by default is a grant of connect to PUBLIC.
> What you need to do is REVOKE FROM PUBLIC, and then GRANT to
> whichever users/groups you want to allow to connect.
>
> regards, tom lane
>
Thanks very much for the clarification. The documentation
doesn't spell it out as clearly. Another possibility is that
I can't read and interpret correctly. :-)
--
Bible has answers for everything. Proofs:
"But let your communication be, Yea, yea; Nay, nay: for whatsoever is more
than these cometh of evil." (Matthew 5:37) - basics of digital technology.
"May your kingdom come" - superstitious description of plate tectonics
----------------------------------
Zoltán Böszörményi
Cybertec Schönig & Schönig GmbH
http://www.postgresql.at/
