And should be easier to find in the manual!
I've looked in many related chapters of the 8.2 manual for a way to
find out
WHY a specific user has access to a database.
Chapter 5 Data Definition
Chapter 18 Database Roles & Privileges
Chapter 20 Client Authorization
postgres=# select * from pg_roles;
rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb |
rolcatupdate | rolcanlogin | rolconnlimit | rolpassword |
rolvaliduntil | rolconfig | oid
----------+----------+------------+---------------+-------------
+--------------+-------------+--------------+-------------
+---------------+-----------+-------
lines removed
smithrn | f | f | t | t |
f | t | -1 | ******** |
infinity | | 16393
This user can connect via his .pgpass or manually since he's in a
netID range that requires a password.
But he can create and drop tables in any database!!!
Why is that?
How can I find out what he can do?
The GRANT and REVOKE sections say nothing about which pg_xxxx tables
to query, and I've been lookin'!
Thank you!
Ralph Smith
=====================
