| From: | sud <suds1434(at)gmail(dot)com> |
|---|---|
| To: | Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com> |
| Cc: | pgsql-general <pgsql-general(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Grants and privileges issue |
| Date: | 2024-03-28 21:43:19 |
| Message-ID: | CAD=mzVULMrXc04RtvvVn+H1n+yEJGLbZCiMsz-uD7PToMJTRVg@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Fri, Mar 29, 2024 at 2:43 AM Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com>
wrote:
>
>
> On 3/28/24 2:10 PM, sud wrote:
> > Hi, It's postgres 15.4.
> >
> > We want to give required privilege to certain users or roles and ensure
> > to not to provide any elevated privilege. I have below questions,
>
> I would suggest spending some time here:
>
> https://www.postgresql.org/docs/current/ddl-priv.html
>
> It should answer many of your questions.
>
>
>
Thank you Adrian.
I think I got the answer for my first question , as the doc says below. So
it means the "*grant usage on schema*" is a must for the user to access the
object within the schema along with the "select on table" access. And with
just "select on table" we won't be able to access the object inside the
schema.
*"For schemas, allows access to objects contained in the schema (assuming
that the objects' own privilege requirements are also met). Essentially
this allows the grantee to “look up” objects within the schema. Without
this permission, it is still possible to see the object names, e.g., by
querying system catalogs. "*
Regarding my second question, I am still unable to find out why we are
seeing "*no privileges were granted for cron/partman/part_config*' message
while adding the grants to the user?
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Ron Johnson | 2024-03-28 21:54:58 | Re: Cron not running |
| Previous Message | Lok P | 2024-03-28 21:28:06 | Cron not running |