"Matthew T. O'Connor" <[EMAIL PROTECTED]> writes:
>> The only downside of this is that we'd lose the "feature" of being able
>> to revoke from a particular user a right that is available via PUBLIC to
>> everyone else.
> Could we add additional privlideges that explicitly restrict a user?
> Perha
A question from Joe Mitchell led me to investigate some access-checking
behavior that seems kinda broken. Currently, when aclinsert3() creates
a new entry in an ACL list, it effectively initializes the entry with
the current PUBLIC access rights, rather than with zero rights. Thus:
regression=#
