| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | "Tony Webb" <amw(at)sanger(dot)ac(dot)uk> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Revoking CREATE TABLE |
| Date: | 2010-03-24 16:37:28 |
| Message-ID: | 23607.1269448648@sss.pgh.pa.us |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
"Tony Webb" <amw(at)sanger(dot)ac(dot)uk> writes:
> Thanks Tom,
> I think I'm still doing something wrong.
> As a superuser I run:
> #revoke create on schema public from public;
> REVOKE
> As the read only user straight after running the above:
> create table barney2(col1 integer);
> CREATE TABLE
It works for me:
regression=# create user ro;
CREATE ROLE
regression=# \c - ro
You are now connected to database "regression" as user "ro".
regression=> create table t1 (f1 int);
CREATE TABLE
[ in another session, as superuser ]
regression=# revoke create on schema public from public;
REVOKE
[ back to first session ]
regression=> create table t2 (f1 int);
ERROR: permission denied for schema public
Are you sure you revoked the privilege in the same database the read
only user is working in?
> What should I try next? Presumably the privilege is being inherited from
> another role?
Not unless you manually set things up that way.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2010-03-24 16:40:28 | Re: Fw: Clipping values |
| Previous Message | Ovid | 2010-03-24 16:30:56 | Fw: Clipping values |