Tom,
> Probably we should have temp table creation allowed to all by default. > I'm not convinced that that's a good idea for schema-creation privilege > though. Related issues: what should initdb set as the permissions for > template1? Would it make sense for newly created databases to copy > their permission settings from the template database? (Probably not, > since the owner is likely to be different.) What about copying those > per-database config settings Peter just invented? Yes. I think there should be a not optional INITDB switch: either --secure or --permissive. People usually know at the time of installation whether they're building a web server (secure) or a home workstation (permissive). Depending on the setting, this should set either a grant all or revoke all for non-db owners as default, including such things as temp table creation. -- -Josh Berkus ______AGLIO DATABASE SOLUTIONS___________________________ Josh Berkus Complete information technology [EMAIL PROTECTED] and data management solutions (415) 565-7293 for law firms, small businesses fax 621-2533 and non-profit organizations. San Francisco ---------------------------(end of broadcast)--------------------------- TIP 3: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to [EMAIL PROTECTED] so that your message can get through to the mailing list cleanly