| From: | Adrian Klaver <adrian(dot)klaver(at)gmail(dot)com> |
|---|---|
| To: | leaf_yxj <leaf_yxj(at)163(dot)com> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Limit the normal user to see system catalog or not??? And create privilege??? |
| Date: | 2012-03-28 20:54:58 |
| Message-ID: | 4F737AA2.8040004@gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 03/28/2012 09:54 AM, leaf_yxj wrote:
> For oracle, the normal user can't see all the system catalog. but for
> postgresql, it looks like all the user can see the system catalog. Should
> we limit the user read privilege to system catalog?
>
> In oracle, the system privilege has create table, create view,create
> function. For postgresql database, how to control the user who only can
> create table but can't create view. Based on the test I did, once the user
> has the create privilege on the schema, the user will have any create
> privilege on that schema. In postgresql, Rule is used to control that ???
> very confused!
Path to unconfusion:):
http://www.postgresql.org/docs/9.0/interactive/sql-grant.html
You can grant CREATE on a schema and then restrict CREATE within the
schema for different objects types. In recent versions you are looking
for ALL * IN SCHEMA schema_name where * is the object type.
>
> Thanks.
> Regards.
>
> Grace
>
> --
--
Adrian Klaver
adrian(dot)klaver(at)gmail(dot)com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Naoko Reeves | 2012-03-28 22:31:43 | could not read block... how could I identify/fix |
| Previous Message | Kenneth Tilton | 2012-03-28 20:25:02 | Re: How return a row from a function so it is recognized as such by caller? |