Sophie: postgresql-docs-7.4.1-2.5.100mdk i586

postgresql-docs-7.4.1-2.5.100mdk.i586.rpm

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>Privileges</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
REV="MADE"
HREF="mailto:pgsql-docs@postgresql.org"><LINK
REL="HOME"
TITLE="PostgreSQL 7.4.1 Documentation"
HREF="index.html"><LINK
REL="UP"
TITLE="Database Users and Privileges"
HREF="user-manag.html"><LINK
REL="PREVIOUS"
TITLE="Groups"
HREF="groups.html"><LINK
REL="NEXT"
TITLE="Functions and Triggers"
HREF="perm-functions.html"><LINK
REL="STYLESHEET"
TYPE="text/css"
HREF="stylesheet.css"><META
NAME="creation"
CONTENT="2003-12-22T03:48:47"></HEAD
><BODY
CLASS="SECT1"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="5"
ALIGN="center"
VALIGN="bottom"
>PostgreSQL 7.4.1 Documentation</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="top"
><A
HREF="groups.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="top"
><A
HREF="user-manag.html"
>Fast Backward</A
></TD
><TD
WIDTH="60%"
ALIGN="center"
VALIGN="bottom"
>Chapter 17. Database Users and Privileges</TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="top"
><A
HREF="user-manag.html"
>Fast Forward</A
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="top"
><A
HREF="perm-functions.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="PRIVILEGES"
>17.4. Privileges</A
></H1
><A
NAME="AEN17300"
></A
><A
NAME="AEN17302"
></A
><A
NAME="AEN17304"
></A
><A
NAME="AEN17306"
></A
><P
>   When a database object is created, it is assigned an owner. The
   owner is the user that executed the creation statement. To change
   the owner of a table, index, sequence, or view, use the
   <TT
CLASS="COMMAND"
>ALTER TABLE</TT
> command. By default, only an owner
   (or a superuser) can do anything with the object. In order to allow
   other users to use it, <I
CLASS="FIRSTTERM"
>privileges</I
> must be
   granted.
  </P
><P
>   There are several different privileges: <TT
CLASS="LITERAL"
>SELECT</TT
>,
   <TT
CLASS="LITERAL"
>INSERT</TT
>, <TT
CLASS="LITERAL"
>UPDATE</TT
>, <TT
CLASS="LITERAL"
>DELETE</TT
>,
   <TT
CLASS="LITERAL"
>RULE</TT
>, <TT
CLASS="LITERAL"
>REFERENCES</TT
>, <TT
CLASS="LITERAL"
>TRIGGER</TT
>,
   <TT
CLASS="LITERAL"
>CREATE</TT
>, <TT
CLASS="LITERAL"
>TEMPORARY</TT
>, <TT
CLASS="LITERAL"
>EXECUTE</TT
>,
   <TT
CLASS="LITERAL"
>USAGE</TT
>, and <TT
CLASS="LITERAL"
>ALL PRIVILEGES</TT
>. For more
   information on the different types of privileges support by
   <SPAN
CLASS="PRODUCTNAME"
>PostgreSQL</SPAN
>, see the
   <A
HREF="sql-grant.html"
><I
>GRANT</I
></A
> reference page.
   The right to modify or
   destroy an object is always the privilege of the owner only. To
   assign privileges, the <TT
CLASS="COMMAND"
>GRANT</TT
> command is
   used. So, if <TT
CLASS="LITERAL"
>joe</TT
> is an existing user, and
   <TT
CLASS="LITERAL"
>accounts</TT
> is an existing table, the privilege to
   update the table can be granted with

</P><PRE
CLASS="PROGRAMLISTING"
>GRANT UPDATE ON accounts TO joe;</PRE
><P>
   The user executing this command must be the owner of the table. To
   grant a privilege to a group, use
</P><PRE
CLASS="PROGRAMLISTING"
>GRANT SELECT ON accounts TO GROUP staff;</PRE
><P>
   The special <SPAN
CLASS="QUOTE"
>"user"</SPAN
> name <TT
CLASS="LITERAL"
>PUBLIC</TT
> can
   be used to grant a privilege to every user on the system. Writing
   <TT
CLASS="LITERAL"
>ALL</TT
> in place of a specific privilege specifies that all
   privileges will be granted.
  </P
><P
>   To revoke a privilege, use the fittingly named
   <TT
CLASS="COMMAND"
>REVOKE</TT
> command:
</P><PRE
CLASS="PROGRAMLISTING"
>REVOKE ALL ON accounts FROM PUBLIC;</PRE
><P>
   The special privileges of the table owner (i.e., the right to do
   <TT
CLASS="COMMAND"
>DROP</TT
>, <TT
CLASS="COMMAND"
>GRANT</TT
>, <TT
CLASS="COMMAND"
>REVOKE</TT
>, etc)
   are always implicit in being the owner,
   and cannot be granted or revoked.  But the table owner can choose
   to revoke his own ordinary privileges, for example to make a
   table read-only for himself as well as others.
  </P
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="groups.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="perm-functions.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Groups</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="user-manag.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Functions and Triggers</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>