raf написа:
> hi,
>
> in my database, normal users can't select, insert, update or
> delete anything directly. they can only call functions which
> are all security defining functions which give access to the
> data. that's the way i like it.
>
> however, i discovered that normal users can create new
> tables in the database. is there any way to prevent this?
> i couldn't find any grant/revoke syntax in the doco that
> looked relevant.
[...]
You need to revoke the "CREATE" privilege for the schema(s) in question
(http://www.postgresql.org/docs/current/static/sql-grant.html#SQL-GRANT-DESCRIPTION-OBJECTS)
--
Milen A. Radev