The following bug has been logged online:

Bug reference: 1161
Logged by: Martin

Email address: martin (AT) 4finger (DOT) net

PostgreSQL version: 7.4

Operating system: Linux

Description: User permissions are kept, even if user is dropped

Details:

Hi,

dropping and creating a user will keep the *old* permission on objects:

The following statements will grant access to the user
foe:

create user friend;
create table secret (passwd char(30));
grant all on secret to friend;
\dp secret;
drop user friend;
-- The permissions are still existing
-- (on a numeric user-id)
\dp secret;
create user foe;
-- The user foe "inherits" the old permissions
\dp secret;

This is not what I would have expected. If this behaviour is valid, there
should be a warning in the documentation, that creating a user may inherit
some "dangling" permissions.

Best regards,
Martin



---------------------------(end of broadcast)---------------------------
TIP 5: Have you checked our extensive FAQ?

http://www.postgresql.org/docs/faqs/FAQ.html