"Tim Olsen" <tolsen718@xxxxxxxxx> writes: > I take it the privilege table directly references the database by some ID > number? You've got it backwards: there is no separate privilege table. We attach privilege ACLs to the catalog entries of the objects they describe. Hence, no object, no ACL. > The reason I ask is because this sort of privilege is possible in > MySQL: just grant all privs on a database (not yet necessarily created) and > the user can drop and create that database at will. If you are looking for a MySQL equivalent, consider the idea that MySQL "databases" are really schemas in our terminology. So all you really need is to give the user CREATE privs on the database he is working in (ie, the right to create a schema) and he can create/drop/recreate his schema at will. With DROP CASCADE, he can get rid of everything within the schema at a blow, so this is really pretty close to the same functionality. regards, tom lane
