Re: Curious case of the unstoppable user
| От | Steve Crawford |
|---|---|
| Тема | Re: Curious case of the unstoppable user |
| Дата | |
| Msg-id | 4D923D44.2030906@pinpointresearch.com обсуждение исходный текст |
| Ответ на | Curious case of the unstoppable user (Thom Brown <thom@linux.com>) |
| Список | pgsql-general |
On 03/29/2011 11:44 AM, Thom Brown wrote: > Hi all, > > I've just set up a test user, revoked all access from them to a > database, then tried to connect to that database and it let me in. > When I try it all from scratch, it works correctly. > > Here's the set running correctly: > > postgres=# CREATE DATABASE testdb; > CREATE DATABASE > postgres=# CREATE ROLE testrole; > CREATE ROLE > postgres=# REVOKE ALL ON DATABASE testdb FROM testrole CASCADE; > REVOKE > postgres=# \c testdb testrole > FATAL: role "testrole" is not permitted to log in > Previous connection kept > > But now if I try something similar with an existing user and existing > database, it doesn't work: > > postgres=# REVOKE ALL ON DATABASE stuff FROM meow CASCADE; > REVOKE > postgres=# \c stuff meow > You are now connected to database "stuff" as user "meow". > > So, I'm overlooking something. Could someone tell me what it is? I > bet it's something obvious. I'm using 9.1dev if it's relevant. > > Thanks > Not sure, but is user "meow" either the owner of the database "stuff" or member of a group that permits access to "stuff"? Cheers, Steve
В списке pgsql-general по дате отправления: