On 9/6/16 3:16 PM, Greg Fodor wrote:
> It seems that functionality that lets a superuser quickly audit the
> privileges for a user (including those granted via PUBLIC) would be
> really helpful for diagnosing cases where that user can do something
> they shouldn't be allowed to.
That's actually relatively easy to do today; see the has_*_privilege()
functions.
You might also find http://pgxn.org/dist/pg_acl useful.
--
Jim Nasby, Data Architect, Blue Treble Consulting, Austin TX
Experts in Analytics, Data Architecture and PostgreSQL
Data in Trouble? Get it in Treble! http://BlueTreble.com
855-TREBLE2 (855-873-2532) mobile: 512-569-9461