Hi
I hope this is the correct list to ask about a permissions problem I have.
I create a schema named cust, a table named clients, and a group named
salesmen.
I use:
REVOKE ALL ON SCHEMA cust FROM PUBLIC;
GRANT USAGE ON SCHEMA cust TO GROUP salesmen;
REVOKE ALL ON TABLE clients FROM PUBLIC;
GRANT SELECT ON TABLE clients TO GROUP salesmen;
then I do a :
\dp clients
and get:
Access privileges for database "custdb" Schema | Table |
Access
privileges
---------+---------+-------------------------------------------------------------------------------------------------
cust | clients | {admin=a*r*w*d*R*x*t*/cust,"group salesmen=r/cust"}
The problem is that when I check from within my application if a member
of the group salesmen has permissions to INSERT into the group clients,
I get an affirmative question.
I guessed it was a problem with my application, so I downloaded
postgresql_autodoc (http://www.rbt.ca/autodoc/) in order to check the
permissions better.
It also claims that group salesmen has the right to SELECT, INSERT and
DELETE on table clients.
I tried :
revoke insert on clients from group salesmen;
and nothing changed
I tried :
revoke all on clients from group salesmen;
and every permission was revoked.
Then I tried again:
GRANT SELECT ON TABLE clients TO GROUP salesmen;
and all three permissions (insert, select, delete) are back in place.
All these happen with postgresql 7.4 on linux
Is there something I'm doing wrong, something I don't understand or have
I hit a bug?
Thanks in advance
Michalis Kabrianis