""Jim Nasby"" <[EMAIL PROTECTED]> write > Yes, but it doesn't really specify if you have to have a privilege in > order to grant it, although reading one of the notes[1] tends to indicate > that you must have a role in order to grant it. Unless I'm overlooking > some part of the docs?
I am confused by the combination of USER and ROLE in 8.1 at first glance. In my memory, USER is a representation of somebody using the database, just as USER in OS. USER can also always login into the system, except the Admin prohibit it. ROLE is a collection of some priviledges. A USER can act as multiple ROLEs, but in real life, it cannot act as multiple ROLEs are the same time. That's why some system define that a USER can only act as one ROLE at a moment, but she can change her ROLE with "SET SESSION ROLE TO <anotherRole>". Maybe I will read more about SQL:2003, pgsql-8.1 doc and RBAC (Role Based Access Control, http://csrc.nist.gov/rbac/rbac-stds-roadmap.html) to understand it correctly. Regards, William ZHANG ---------------------------(end of broadcast)--------------------------- TIP 2: Don't 'kill -9' the postmaster
