I apologize for my carelessness. Error rollback code including all
completed "revoke". Therefore, users can create functions. If you add
another commit before "grant temp on schema public to sec_privilege;" it
will be seen that create a function is also not possible.
14
15 create database security with owner sec_owner;
16
17 \c security
18 \set AUTOCOMMIT off
19
20 begin transaction;
21
22 revoke all on database security from public;
23 revoke all on schema public from public;
24
25 grant connect on database security to sec_privilege;
26 grant connect on database security to sec_ordinary;
27
28 grant create on database security to sec_privilege;
29 grant create on schema public to sec_privilege;
insert commit here...
30
31 \set ON_ERROR_STOP off
32
33 -- This statement generates error: "ERROR: invalid privilege type
TEMP for schema"
34 -- However without this statement, "create function" is fail... Why?
35 grant temp on schema public to sec_privilege;
36
37 commit;
38
--
Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
