I was just reading the docs on default privileges, and they say this:
Depending on the type of object, the initial default privileges
might include granting some privileges to PUBLIC. The default is no
public access for tables, columns, schemas, and tablespaces; CONNECT
privilege and TEMP table creation privilege for databases; EXECUTE
privilege for functions; and USAGE privilege for languages. The
object owner can of course revoke these privileges.
I had to read it several times before I understood it properly, so I'm
not terribly happy with it. I'm thinking of revising it slightly like this:
Depending on the type of object, the initial default privileges
might include granting some privileges to PUBLIC, including CONNECT
privilege and TEMP table creation privilege for databases, EXECUTE
privilege for functions, and USAGE privilege for languages. For
tables, columns, schemas and tablespaces the default is no public
access. The object owner can of course revoke any default PUBLIC
privileges.
That seems clearer to me, but maybe other people can make it clearer still.
Comments?
cheers
andrew
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
