Robert Watson ([EMAIL PROTECTED]) reports a bug with a severity of 2 The lower the number the more severe it is. Short Description Any user able to connect to a database can create tables/etc Long Description There is no access control mechanism by which users can be allowed to connect to a database, but not create tables. Ideally, only the DBA would be able to create new tables, or some ACL would exist on the database to limit which users could create tables. As it stands, this is a severe limitation for sites that wish to allow mutually suspicious users to host different databases on the same backend. One solution might be to add an ACL to the database itself enumerating various rights for various principals, including: connect (can connect to the database at all) create (can create tables, views, et al) delete (can delete tables, views, et al) You could imagine other rights being necessary or useful also. This type of feature would make PostgreSQL far more useful in ISP/ASP environments. Sample Code No file was uploaded with this report
