Stephen Frost wrote: > The other difference would seem to be that "user identifiers" can't > be granted to users whereas "role identifiers" can be. Following > this, "rolmembers" must be NULL if rolcanlogin is true, no? That > breaks if roles can log in though. Or should we just allow granting > of "user identifiers" to other users- but if we do should the user be > permitted to do that?
If he has admin option on his own role, sure. But I suppose by default we wouldn't. One use case I see is if someone goes on vacation he can temporarily grant the privileges held by his user account to others without actually giving out the login data. -- Peter Eisentraut http://developer.postgresql.org/~petere/ ---------------------------(end of broadcast)--------------------------- TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]
