Home > mailing lists

Re: CREATE TABLE in PUBLIC schema - Mailing list pgsql-admin

From	Tom Lane
Subject	Re: CREATE TABLE in PUBLIC schema
Date	November 13, 2002 12:47:18
Msg-id	23647.1037209642@sss.pgh.pa.us Whole thread Raw
In response to	Re: CREATE TABLE in PUBLIC schema (Heni Lolov <hal_bg@yahoo.com>)
List	pgsql-admin

Tree view

Heni Lolov <hal_bg@yahoo.com> writes:
> ive tried :
> revoke all ON schema public from hal;
> but does not work. Why?

You'd need to revoke the permissions from PUBLIC; they were never granted
specifically to hal, thus the above revoke is a no-op.

Don't forget to revoke CREATE at the database level, too, else a user
can just create his own schema.  Perhaps also revoke TEMP, depending on
whether you'd like to forbid temporary tables as well.

In short, something like

revoke create on schema public from public;
revoke create,temp on database mydb from public;

should give you a database in which users can't create anything.

            regards, tom lane

pgsql-admin by date:

From: "Warren Massengill"
Date: 13 November 2002, 11:54:34
Subject: 7.3b download problem

From: Hugh Esco
Date: 13 November 2002, 14:11:28
Subject: Troubles at Startup

Re: CREATE TABLE in PUBLIC schema - Mailing list pgsql-admin

Previous

Next