On Wed, Dec 13, 2006 at 12:20:03PM -0800, developer@xxxxxxxxxxxx wrote: > grant all privileges on database test to auser > > As far as I can tell this does nothing. Intuitively this command suggests > that the auser would be able to access and modify the database test in > anyway. It would also suggest that as new tables for the database auser > would automatically have access to them. It's not intuitive to me. Just like granting full access to the root of a filesystem does not grant you access to every file on it. Each directory and file needs to be done also. > Instead it appears that we have to still individually grant access to > tables on an individual basis. It seems to me that if it did pass these > blanket privileges on it would be very useful and make administration a > lot easier. While it is not hard to initially grant the individual access > (i am looking for a script) it is a pain in the butt to maintain. Is this > in fact how it works? I beleive the usual approach is you create a role and give permissions to tables to that role and then for each user that comes along, you assign that role to the user. That makes administration easier I think. Have a nice day, -- Martijn van Oosterhout <kleptog@xxxxxxxxx> http://svana.org/kleptog/ > From each according to his ability. To each according to his ability to litigate.
Attachment:
signature.asc
Description: Digital signature
