mirror of
https://git.postgresql.org/git/postgresql.git
synced 2024-12-21 08:29:39 +08:00
Improve wording of documentation on default privileges.
Per recent -hackers discussion.
This commit is contained in:
parent
4240e429d0
commit
75726307e6
@ -139,15 +139,16 @@ GRANT <replaceable class="PARAMETER">role_name</replaceable> [, ...] TO <replace
|
|||||||
</para>
|
</para>
|
||||||
|
|
||||||
<para>
|
<para>
|
||||||
Depending on the type of object, the initial default privileges might
|
PostgreSQL grants default privileges on some types of objects to
|
||||||
include granting some privileges to <literal>PUBLIC</literal>.
|
<literal>PUBLIC</literal>. No privileges are granted to
|
||||||
The default is no public access for tables, columns, schemas, and
|
<literal>PUBLIC</literal> by default on tables,
|
||||||
tablespaces;
|
columns, schemas or tablespaces. For other types, the default privileges
|
||||||
<literal>CONNECT</> privilege and <literal>TEMP</> table creation privilege
|
granted to <literal>PUBLIC</literal> are as follows:
|
||||||
for databases;
|
<literal>CONNECT</literal> and <literal>CREATE TEMP TABLE</literal> for
|
||||||
<literal>EXECUTE</> privilege for functions; and
|
databases; <literal>EXECUTE</literal> privilege for functions; and
|
||||||
<literal>USAGE</> privilege for languages.
|
<literal>USAGE</literal> privilege for languages.
|
||||||
The object owner can of course revoke these privileges. (For maximum
|
The object owner can, of course, <command>REVOKE</command>
|
||||||
|
both default and expressly granted privileges. (For maximum
|
||||||
security, issue the <command>REVOKE</> in the same transaction that
|
security, issue the <command>REVOKE</> in the same transaction that
|
||||||
creates the object; then there is no window in which another user
|
creates the object; then there is no window in which another user
|
||||||
can use the object.)
|
can use the object.)
|
||||||
|
Loading…
Reference in New Issue
Block a user