Hi, Normally RelStorage creates the database tables for you and the user you have specified is the owner of those tables. For security reasons a client does not want this, but wants a different user to own the tables and instead only grant some permissions to the relstorage user. I guess theoretically there could be a bug in the relstorage code that could lead to more problems when the relstorage user has full rights to those tables. I am not losing any sleep over fears like that though. :-)
But putting aside a potentially distracting discussion about whether this extra security is needed: which permissions does relstorage really need? Select, update, insert and delete are obvious. I have seen that packing also needs the truncate permission. Everything seems to work with this combination. But for that extra bit peace of mind: am I overlooking a permission? This is on postgres btw. -- Maurits van Rees Web App Programmer at Zest Software: http://zestsoftware.nl Personal website: http://maurits.vanrees.org/ _______________________________________________ For more information about ZODB, see the ZODB Wiki: http://www.zope.org/Wikis/ZODB/ ZODB-Dev mailing list - ZODB-Dev@zope.org https://mail.zope.org/mailman/listinfo/zodb-dev