RE: NOCREATETABLE patch (was: Re: Please, help!(about P ostgres))

That makes perfect sense to me. I was only going by what System 
Privileges are granted to the Oracle roles of the same name. Oracle 
has:

CONNECT -
ALTER SESSION    
CREATE CLUSTER    
CREATE DATABASE LINK    
CREATE SEQUENCE    
CREATE SESSION    
CREATE SYNONYM    
CREATE TABLE    
CREATE VIEW    

RESOURCE -
CREATE CLUSTER    
CREATE PROCEDURE    
CREATE SEQUENCE    
CREATE TABLE    
CREATE TRIGGER    

DBA -
All systems privileges WITH ADMIN OPTION    

But I agree with you. When I was first learning Oracle, I thought it 
strange that the CONNECT role had anything more than CREATE/ALTER 
SESSION privilege.

Mike Mascari
mascarm@mascari.com

-----Original Message-----
From:    Zeugswetter Andreas SB [SMTP:ZeugswetterA@wien.spardat.at]
Sent:    Wednesday, May 09, 2001 3:20 AM
To:    'Bruce Momjian'; mascarm@mascari.com
Cc:    Karel Zak; pgsql-hackers
Subject:    AW: [HACKERS] NOCREATETABLE patch (was: Re: Please, 
help!(about P    ostgres))


> > The connect group would be granted these System Privileges:

If we keep it like others (e.g. Informix) this System Privilege would 
be called
"resource". I like this name better, because it more describes the 
detailed
priviledges.

> >
> > CREATE AGGREGATE privilege
> > CREATE INDEX privilege
> > CREATE FUNCTION privilege
> > CREATE OPERATOR privilege
> > CREATE RULE privilege
> > CREATE SESSION privilege
> > CREATE SYNONYM privilege
> > CREATE TABLE privilege
> > CREATE TRIGGER privilege
> > CREATE TYPE privilege
> > CREATE VIEW privilege

The "connect" group would only have the priviledge to connect to the 
db [and
create temp tables ?] and rights they where granted, or that were 
granted to public.
They would not be allowed to create anything.

Andreas