Home > mailing lists

Re: No create table - Mailing list pgsql-admin

From	Anderson Alves de Albuquerque
Subject	Re: No create table
Date	July 27, 2007 14:43:32
Msg-id	9b3f75f0707270721rd6b0a99q99bbc977b6a70ec7@mail.gmail.com Whole thread Raw
In response to	Re: No create table (Alvaro Herrera <alvherre@commandprompt.com>)
List	pgsql-admin

Tree view

I try with "revoke all on schema PUBLIC FROM PUBLIC;", but after give GRANT SELECT user can't use SELECT. When I use "revoke CREATE on schema PUBLIC FROM PUBLIC;" and give GRANT SELECT user can use SELECT.

On 7/27/07, Alvaro Herrera <alvherre@commandprompt.com> wrote:

Anderson Alves de Albuquerque  wrote:
> I need to use a user that can not have permission to create table in one
> BD.
>
> I use revoke,  I tray with "revoke all on database XXX to|from USERNAME;",
> but I don't have success.
>
> Could someone help me?

You have to revoke permissions from the _schema_, not from databases.
Say,

revoke all on schema PUBLIC FROM PUBLIC;
revoke all on schema PUBLIC FROM username;

You have to remove from PUBLIC because otherwise the user will still
have permissions to create via that privilege, even if you take his own
permission away (if he had one at all actually).

--
Alvaro Herrera                                http://www.CommandPrompt.com/
PostgreSQL Replication, Consulting, Custom Development, 24x7 support

--
[],

pgsql-admin by date:

From: "Shawny Marsden"
Date: 27 July 2007, 14:41:41
Subject: DoD STIG for PostgreSQL

From: "George Wilk"
Date: 27 July 2007, 14:49:45
Subject: Checking database version

Re: No create table - Mailing list pgsql-admin

Previous

Next