----- Original Message -----
From: "Tom Lane" <tgl@sss.pgh.pa.us>
>
> The only downside of this is that we'd lose the "feature" of being able
> to revoke from a particular user a right that is available via PUBLIC to
> everyone else.
Could we add additional privlideges that explicitly restrict a user?
Perhaps negative permissions like -x -r etc... This would override group
and public permissions and could be set via revoke. What does the SQL Spec
say the behaviour should be when group and user permissions are in conflict?