Home > mailing lists

Revoking table & function creation privileges - Mailing list pgsql-general

From	Moshe Jacobson
Subject	Revoking table & function creation privileges
Date	August 9, 2012 17:54:39
Msg-id	CAJ4CxL=JONoUcDzdChbwXXDJJ1s_MqF36d_onL1SSUcK6ubffQ@mail.gmail.com Whole thread Raw
Responses	Re: Revoking table & function creation privileges (Mike Blackwell <mike.blackwell@rrd.com>)
List	pgsql-general

Tree view

I posted this in Devshed forums (here) but no one seems to be responding. Hopefully someone here can help.

How do I keep a user from being able to create tables in the public schema?

I have tried REVOKE CREATE FROM username ON SCHEMA PUBLIC but they can still create tables.

The user has no special attributes and is not a member of another role.

mjacobson@zeus=>[local]:ises=> \dn+ public
List of schemas
Name | Owner | Access privileges | Description
--------+----------+----------------------+------------------------
public | postgres | postgres=UC/postgres+| standard public schema
| | =UC/postgres +|
| | webuser=U/postgres |
(1 row)

mjacobson@zeus=>[local]:ises=> select current_user;
current_user
--------------
mjacobson
(1 row)

mjacobson@zeus=>[local]:ises=> \du+ mjacobson
List of roles
Role name | Attributes | Member of | Description
-----------+------------+-----------+-------------
mjacobson | | {} |

mjacobson@zeus=>[local]:ises=> create table tb_foo(i int);
CREATE TABLE
mjacobson@zeus=>[local]:ises=> drop table tb_foo;
DROP TABLE

Moshe Jacobson
Nead Werx, Inc. | Senior Systems Engineer

2323 Cumberland Parkway, Suite 201 | Atlanta, GA 30339
moshe@neadwerx.com | www.neadwerx.com

pgsql-general by date:

From: Geert Mak
Date: 09 August 2012, 17:15:29
Subject: documentation — version switch

From: Mike Blackwell
Date: 09 August 2012, 18:02:41
Subject: Re: Revoking table & function creation privileges

Revoking table & function creation privileges - Mailing list pgsql-general

Previous

Next