Improve wording of documentation on default privileges.

Per recent -hackers discussion.

diff --git a/doc/src/sgml/ref/grant.sgml b/doc/src/sgml/ref/grant.sgml
index 689aba5104f1eef2e00618b903ec81030ce4fb83..1f5fe1f41fdd020f050c0c9d085350c6c82c7f7f 100644 (file)
--- a/doc/src/sgml/ref/grant.sgml
+++ b/doc/src/sgml/ref/grant.sgml
@@ -139,15 +139,16 @@ GRANT role_name [, ...] TO 
   
 
   
-   Depending on the type of object, the initial default privileges might
-   include granting some privileges to PUBLIC.
-   The default is no public access for tables, columns, schemas, and
-   tablespaces;
-   CONNECT privilege and TEMP table creation privilege
-   for databases;
-   EXECUTE privilege for functions; and
-   USAGE privilege for languages.
-   The object owner can of course revoke these privileges.  (For maximum
+   PostgreSQL grants default privileges on some types of objects to
+   PUBLIC.  No privileges are granted to 
+   PUBLIC by default on tables, 
+   columns, schemas or tablespaces. For other types, the default privileges 
+   granted to PUBLIC are as follows: 
+   CONNECT and CREATE TEMP TABLE for 
+   databases; EXECUTE privilege for functions; and 
+   USAGE privilege for languages. 
+   The object owner can, of course, REVOKE 
+   both default and  expressly granted privileges. (For maximum
    security, issue the REVOKE in the same transaction that
    creates the object; then there is no window in which another user
    can use the object.)