| From: | Ralph Smith <smithrn(at)washington(dot)edu> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | I'm in need of something that should be there |
| Date: | 2008-03-06 00:08:46 |
| Message-ID: | 918BD416-9B71-4B8D-A10B-96E31C6A1360@washington.edu |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
And should be easier to find in the manual!
I've looked in many related chapters of the 8.2 manual for a way to
find out
WHY a specific user has access to a database.
Chapter 5 Data Definition
Chapter 18 Database Roles & Privileges
Chapter 20 Client Authorization
postgres=# select * from pg_roles;
rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb |
rolcatupdate | rolcanlogin | rolconnlimit | rolpassword |
rolvaliduntil | rolconfig | oid
----------+----------+------------+---------------+-------------
+--------------+-------------+--------------+-------------
+---------------+-----------+-------
lines removed
smithrn | f | f | t | t |
f | t | -1 | ******** |
infinity | | 16393
This user can connect via his .pgpass or manually since he's in a
netID range that requires a password.
But he can create and drop tables in any database!!!
Why is that?
How can I find out what he can do?
The GRANT and REVOKE sections say nothing about which pg_xxxx tables
to query, and I've been lookin'!
Thank you!
Ralph Smith
=====================
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2008-03-06 03:22:11 | Re: Constraint name for named NOT NULL constraints is ignored |
| Previous Message | dmp | 2008-03-05 20:34:07 | Re: Changing column names in tables 2 |