> As part of createdb, the new database will have to have it's public > schema changed to world-writable.
I have to admit that much of the schema related discussion has been over my head, but I think what I understand you to be saying here is that the default would be to allow anybody to create tables in any database that they connect to, in the same way that they currently can (with pg <= 7.2.1). (If that's not the case, you can ignore the rest of the message.) What value do users get from being able to create temp tables in any database? Don't _most_ people expect databases (from any vendor) to be writable only by the owner? I have to confess that I was surprised when I discovered that others could create tables in my PG database (although I don't have much exposure to other flavors of databases). ISTM that the best default is to have it not world writable, but that will tend to cause some consternation when people transition to 7.3 and discover (as I did) that the current pg_restore may hit snags on a non-world writable DB in certain circumstances. If I put data into a database and want to allow anybody to read it and don't want to worry about administering accounts for hundreds of users, I might create an account that anybody can use to connect. I would be unhappy if someone was able to expand that permission into something like creating tables and filling them so much that it causes problems for me. (As I said, this is all predicated on my understanding at the beginning, so if I've misunderstood this issue then perhaps this wouldn't be a problem for me.) -ron > > -- > Bruce Momjian | http://candle.pha.pa.us > [EMAIL PROTECTED] | (610) 853-3000 > + If your life is a hard drive, | 830 Blythe Avenue > + Christ can be your backup. | Drexel Hill, > Pennsylvania 19026 > > ---------------------------(end of > broadcast)--------------------------- > TIP 1: subscribe and unsubscribe commands go to > [EMAIL PROTECTED] > ---------------------------(end of broadcast)--------------------------- TIP 2: you can get off all lists at once with the unregister command (send "unregister YourEmailAddressHere" to [EMAIL PROTECTED])
