On Wed, Jun 29, 2011 at 4:49 PM, Alvaro Herrera <alvhe...@commandprompt.com> wrote: > Excerpts from Robert Haas's message of mié jun 29 13:42:34 -0400 2011: > >> > How about this? >> > >> > Some types of objects deny all privileges to PUBLIC by default. These >> > are tables, columns, schemas and tablespaces. For other types, the >> > default privileges granted to PUBLIC are as follows: CONNECT privilege >> > and TEMP table creation privilege for databases; EXECUTE privilege for >> > functions; and USAGE privilege for languages. The object owner can, >> > of course, revoke both default and expressly granted privileges. >> >> Or, since I find the use of the word "deny" a bit unclear: >> >> When a table, column, schema, or tablespace is created, no privileges >> are granted to PUBLIC. But for other objects, some privileges will be >> granted to PUBLIC automatically at the time the object is created: >> CONNECT privilege and TEMP table creation privilege for database, ... >> <etc., the rest as you have it> > > Hmm, I like David's suggestion better, but I agree with you that "deny" > isn't the right verb there. I have no better suggestions at moment > though.
Well, I think the only relevant verb is "grant", so that's why I was trying to phrase it in terms of the negative of that - i.e. explain that, in this case, we don't grant anything. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
