| And should be easier to find in the manual! I've looked in many related chapters of the 8.2 manual for a way to find out WHY a specific user has access to a database. Chapter 5 Data Definition Chapter 18 Database Roles & Privileges Chapter 20 Client Authorization postgres=# select * from pg_roles; rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcatupdate | rolcanlogin | rolconnlimit | rolpassword | rolvaliduntil | rolconfig | oid ----------+----------+------------+---------------+-------------+--------------+-------------+--------------+-------------+---------------+-----------+------- lines removed smithrn | f | f | t | t | f | t | -1 | ******** | infinity | | 16393 This user can connect via his .pgpass or manually since he's in a netID range that requires a password. But he can create and drop tables in any database!!! Why is that? How can I find out what he can do? The GRANT and REVOKE sections say nothing about which pg_xxxx tables to query, and I've been lookin'! Thank you! Ralph Smith ===================== |
