Excerpts from Andrew Dunstan's message of mié jun 29 11:21:12 -0400 2011: > > I was just reading the docs on default privileges, and they say this: > > Depending on the type of object, the initial default privileges > might include granting some privileges to PUBLIC. The default is no > public access for tables, columns, schemas, and tablespaces; CONNECT > privilege and TEMP table creation privilege for databases; EXECUTE > privilege for functions; and USAGE privilege for languages. The > object owner can of course revoke these privileges. > > > I had to read it several times before I understood it properly, so I'm > not terribly happy with it. I'm thinking of revising it slightly like this: > > Depending on the type of object, the initial default privileges > might include granting some privileges to PUBLIC, including CONNECT > privilege and TEMP table creation privilege for databases, EXECUTE > privilege for functions, and USAGE privilege for languages. For > tables, columns, schemas and tablespaces the default is no public > access. The object owner can of course revoke any default PUBLIC > privileges.
Some types of objects [have/include/grant] no privileges to PUBLIC by default. These are tables, columns, schemas and tablespaces. For other types, the default privileges granted to PUBLIC are as follows: CONNECT privilege and TEMP table creation privilege for databases; EXECUTE privilege for functions; and USAGE privilege for languages. The object owner can, of course, revoke [these/any default] privileges. -- Álvaro Herrera <alvhe...@commandprompt.com> The PostgreSQL Company - Command Prompt, Inc. PostgreSQL Replication, Consulting, Custom Development, 24x7 support -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
