"Webb Sprague" <[EMAIL PROTECTED]> writes:
> Also, I revoked what I thought was everything possible on the public
> schema, but a user is still able to create a table in that schema --
> could someone explain:
> oregon=# revoke create on schema public from foobar cascade;
> REVOKE
You've got a conceptual error here: the above only does something if
you'd previously done an explicit "GRANT TO foobar". You haven't,
so there's nothing to revoke.
The reason people can create stuff in public is that by default,
create on schema public is granted to PUBLIC, ie the world.
Start with
revoke all on schema public from public
and then grant only what you want.
regards, tom lane
--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
