Per my original email, we were calling the has_table_privilege function to revoke rather than simply revoking. Thank you very much, Sincerely, Kasia -----Original Message----- From: Kevin Grittner [mailto:Kevin.Grittner@xxxxxxxxxxxx] Sent: Tuesday, August 10, 2010 1:00 PM To: Kasia Tuszynska; Szymon Guz Cc: pgsql-admin@xxxxxxxxxxxxxx Subject: RE: postgres function does not handle PUBLIC - expected? Kasia Tuszynska <ktuszynska@xxxxxxxx> wrote: > We found this issue because we can grant privs to public on a > table, but could not revoke them. Odd. test=# create table t1 (c1 int primary key); NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "t1_pkey" for table "t1" CREATE TABLE test=# grant insert on t1 to public; GRANT test=# revoke insert on t1 from public; REVOKE test=# revoke update on t1 from public; REVOKE > If I did not "know" that public was there how > would I check for it's existence on Postgres? You would need to go to the documentation. Unfortunately, we don't mention it on this page: http://www.postgresql.org/docs/current/static/role-membership.html As Andre pointed out, you can get a reasonable explanation on the page describing the GRANT statement. -Kevin -- Sent via pgsql-admin mailing list (pgsql-admin@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-admin