Stephen Frost <sfrost@xxxxxxxxxxx> writes: > * David G. Johnston (david.g.johnston@xxxxxxxxx) wrote: >> Not sure if this is what you mean but there is no concept of "negative >> state" in the permissions system. Everything starts out with no >> permissions. Grant adds permissions and revoke un-adds granted >> permissions. Revoking something that doesn't exist is either a no-op or a >> warning depending on the context - either way its doesn't setup a >> "forbidden" state for the permission. > This isn't entirely correct. Functions are the classic example where > EXECUTE to PUBLIC is part of the default and the "negative" state of > having a function where EXECUTE is REVOKE'd from PUBLIC is entirely > reasonable and even common. FWIW, I thought David's description was fine. The fact that the initial state of an object typically includes some positive grants doesn't change the fact that there's no such thing as a negative grant. In particular, if there is a GRANT TO PUBLIC, no amount of revoking that privilege from individual users will have any effect, because the public grant is still there. regards, tom lane
