Commit3ff8cc4

committed

Add a note about the difference between Postgres' treatment of the rights

of an object owner and the SQL spec's treatment of these rights.

1 parent33f395e commit3ff8cc4Copy full SHA for 3ff8cc4

File tree

+13

-1

lines changed

+13

-1

lines changed

Lines changed: 13 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,5 @@`
`1`	`1`	`<!--`
`2`		`-$PostgreSQL: pgsql/doc/src/sgml/ref/grant.sgml,v 1.42 2004/08/07 20:44:50 tgl Exp $`
	`2`	`+$PostgreSQL: pgsql/doc/src/sgml/ref/grant.sgml,v 1.43 2004/09/01 04:13:11 tgl Exp $`
`3`	`3`	`PostgreSQL documentation`
`4`	`4`	`-->`
`5`	`5`
`@@ -403,6 +403,18 @@ GRANT ALL PRIVILEGES ON kinds TO manuel;`
`403`	`403`	`one object per command.`
`404`	`404`	`</para>`
`405`	`405`
	`406`	`+ <para>`
	`407`	`+ <productname>PostgreSQL</productname> allows an object owner to revoke his`
	`408`	`+ own ordinary privileges: for example, a table owner can make the table`
	`409`	`+ read-only to himself by revoking his own INSERT, UPDATE, and DELETE`
	`410`	`+ privileges. This is not possible according to the SQL standard. The`
	`411`	`+ reason is that <productname>PostgreSQL</productname> treats the owner's`
	`412`	`+ privileges as having been granted by the owner to himself; therefore he`
	`413`	`+ can revoke them too. In the SQL standard, the owner's privileges are`
	`414`	`+ granted by an assumed entity <quote>_SYSTEM</>. Not being`
	`415`	`+ <quote>_SYSTEM</>, the owner cannot revoke these rights.`
	`416`	`+ </para>`
	`417`	`+`
`406`	`418`	`<para>`
`407`	`419`	`The SQL standard allows setting privileges for individual columns`
`408`	`420`	`within a table:`

Comments

(0)