Strange Grant behavior in postgres 8.3

From: Schwaighofer Clemens <clemens(dot)schwaighofer(at)tequila(dot)jp>
To: pgsql-general(at)postgresql(dot)org
Subject: Strange Grant behavior in postgres 8.3
Date: 2009-02-17 08:27:11
Message-ID: fed954960902170027k41bb10dne0324eb98efa886d@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

Version:
PostgreSQL 8.3.5 on i486-pc-linux-gnu, compiled by GCC gcc-4.3.real
(Debian 4.3.2-1) 4.3.2

I have a DB "foo" created and owned by postgres.

No I created another role called "bar" and with the user postgres in
the db foo I did:

#> grant all on foo to bar;

when I select from pg_database I can see the correct line

bar=CTc/postgres for the db foo

I login with user bar to foo

$ psql -U bar -h localhost foo

but I cannot select anything from any table.

Now the strange part.

I grant to one table only a all privileges
#> grant all on table nodes to bar

$> \z nodes
Schema | Name | Type | Access privileges
--------+-------+-------+---------------------------------------------------
public | nodes | table | {postgres=arwdxt/postgres,foo=arwdxt/postgres}

and then the user bar could read from all tables.

What am I doing wrong? Or where can I look if I missed something

--
[ Clemens Schwaighofer -----=====:::::~ ]
[ IT Engineer/Manager ]
[ E-Graphics Communications, TEQUILA\ Japan IT Group ]
[ 6-17-2 Ginza Chuo-ku, Tokyo 104-8167, JAPAN ]
[ Tel: +81-(0)3-3545-7703 Fax: +81-(0)3-3545-7343 ]
[ http://www.tequila.jp ]

Advertising Age Global Agency of the Year 2008
Adweek Global Agency of the Year 2008

This e-mail is intended only for the named person or entity to which
it is addressed and contains valuable business information that is
privileged, confidential and/or otherwise protected from disclosure.
Dissemination, distribution or copying of this e-mail or the
information herein by anyone other than the intended recipient, or
an employee or agent responsible for delivering the message to the
intended recipient, is strictly prohibited. All contents are the
copyright property of TBWA Worldwide, its agencies or a client of
such agencies. If you are not the intended recipient, you are
nevertheless bound to respect the worldwide legal rights of TBWA
Worldwide, its agencies and its clients. We require that unintended
recipients delete the e-mail and destroy all electronic copies in
their system, retaining no copies in any media.If you have received
this e-mail in error, please immediately notify us via e-mail to
disclaimer(at)tbwaworld(dot)com(dot) We appreciate your cooperation.

We make no warranties as to the accuracy or completeness of this
e-mail and accept no liability for its content or use. Any opinions
expressed in this e-mail are those of the author and do not
necessarily reflect the opinions of TBWA Worldwide or any of its
agencies or affiliates.

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Raymond O'Donnell 2009-02-17 10:08:09 Re: transfering tables into other schema
Previous Message Scott Marlowe 2009-02-17 08:09:10 Re: transfering tables into other schema