Add a note about the difference between Postgres' treatment of the rights

author Tom Lane

Wed, 1 Sep 2004 04:13:11 +0000 (04:13 +0000)

committer Tom Lane

Wed, 1 Sep 2004 04:13:11 +0000 (04:13 +0000)
author Tom Lane
Wed, 1 Sep 2004 04:13:11 +0000 (04:13 +0000)
committer Tom Lane
Wed, 1 Sep 2004 04:13:11 +0000 (04:13 +0000)
diff --git a/doc/src/sgml/ref/grant.sgml b/doc/src/sgml/ref/grant.sgml

index 9ea480c57a32aafb783514e025860ecf3d22d43a..d6a6ef94b6f0b73427c8961c2a73f85b09ab5377 100644 (file)
--- a/doc/src/sgml/ref/grant.sgml
+++ b/doc/src/sgml/ref/grant.sgml
@@ -1,5 +1,5 @@
  
  
@@ -403,6 +403,18 @@ GRANT ALL PRIVILEGES ON kinds TO manuel;
      one object per command.
     
  
+   
+    PostgreSQL allows an object owner to revoke his
+    own ordinary privileges: for example, a table owner can make the table
+    read-only to himself by revoking his own INSERT, UPDATE, and DELETE
+    privileges.  This is not possible according to the SQL standard.  The
+    reason is that PostgreSQL treats the owner's
+    privileges as having been granted by the owner to himself; therefore he
+    can revoke them too.  In the SQL standard, the owner's privileges are
+    granted by an assumed entity _SYSTEM.  Not being
+    _SYSTEM, the owner cannot revoke these rights.
+   
+
     
      The SQL standard allows setting privileges for individual columns
      within a table: