database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-09-02 04:21:28 +03:00
Code Activity

Try to be a little bit clearer about the implications of GRANT TO PUBLIC

Browse Source 
and REVOKE FROM PUBLIC: the latter is not the same as 'revoke from all
users', but the ref page blurred the difference.
This commit is contained in:
Tom Lane
2001-11-19 19:03:56 +00:00
parent 6f6567812e
commit ec62ba9361
2 changed files with 34 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
doc/src/sgml/ref/grant.sgml
View File

@@ -1,5 +1,5 @@
<!--
$Header: /cvsroot/pgsql/doc/src/sgml/ref/grant.sgml,v 1.15 2001/11/18 20:35:02 petere Exp $
$Header: /cvsroot/pgsql/doc/src/sgml/ref/grant.sgml,v 1.16 2001/11/19 19:03:56 tgl Exp $
Postgres documentation
-->
@@ -27,18 +27,30 @@ GRANT { { SELECT | INSERT | UPDATE | DELETE | RULE | REFERENCES | TRIGGER } [,..
<para>
The <command>GRANT</command> command gives specific permissions on
an object (table, view, sequence) to a user or a group of users.
The special key word <literal>PUBLIC</literal> indicates that the
an object (table, view, sequence) to one or more users or groups of users.
These permissions are added to those already granted, if any.
</para>
<para>
The key word <literal>PUBLIC</literal> indicates that the
privileges are to be granted to all users, including those that may
be created later.
be created later. <literal>PUBLIC</literal> may be thought of as an
implicitly defined group that always includes all users.
Note that any particular user will have the sum
of privileges granted directly to him, privileges granted to any group he
is presently a member of, and privileges granted to
<literal>PUBLIC</literal>.
</para>
<para>
Users other than the creator do not have any access privileges
unless the creator grants permissions, after the object is created.
to an object unless the creator grants permissions.
There is no need to grant privileges to the creator of an object,
as the creator automatically holds all privileges, and can also
drop the object.
drop the object. (The creator could, however, choose to revoke
some of his own privileges for safety. Note that the ability to
grant and revoke privileges is inherent in the creator and cannot
be lost.)
</para>
<para>