I have created a user called epi who is not allowed to create database but allowed to create users.
I have connected as user epi and have then created user kertal with the following command:
shop=# CREATE USER kertal WITH PASSWORD 'anypasswd' CREATEDB CREATEUSER IN GROUP cybertec;
According to the system table kertal is allowed to create databases
- I have also tried this as user kertal and it works.
In my opinion a user that has not the right to create database MUST NOT
create user that are allowed to do it.
Have I done something wrong or is it a bug?
Hans
persons=# SELECT * FROM pg_user ;
usename | usesysid | usecreatedb | usetrace | usesuper
| usecatupd | passwd |
valuntil
----------+----------+-------------+----------+----------+-----------+----------+----------
postgres | 26 | t
| t | t
| t | ******** |
hans |
27 | f | f
| f | f
| ******** |
epi |
28 | f | f
| t | t
| ******** |
kertal | 29 |
t | f
| t | t
| ******** |
(4 rows)
-- ------------------------------------------------------------------- Cybertec Geschwinde &. Schönig OEG; Schönbrunnerstraße 133/18 A-1050 Wien; http://postgres.cybertec.at; Fax.: +43/1/961 71 58 Tel.: +43/664/233 90 75
