On Wed, Mar 28, 2012 at 10:54 AM, leaf_yxj <leaf_yxj@163.com> wrote:
> For oracle, the normal user can't see all the system catalog. but for
> postgresql, it looks like all the user can see the system catalog. Should
> we limit the user read privilege to system catalog?
Yeah, postgresql tends to focus on controlling what the user can DO
not so much on what they can SEE about the schema. However...
> In oracle, the system privilege has create table, create view,create
> function. For postgresql database, how to control the user who only can
> create table but can't create view. Based on the test I did, once the user
> has the create privilege on the schema, the user will have any create
> privilege on that schema. In postgresql, Rule is used to control that ???
> very confused!
PostgreSQL just doesn't have the fine grained control that Oracle has.
If you can create a table, you can create a view. OTOH, since a view
is basical an empty table with a rule on top, it's not like it's all
that different.
