noy <noyda@isoco.com> writes:
> However, any user can make a select or update in the table "accounts".
Surely not.
test71=# select version(); version
------------------------------------------------------------------PostgreSQL 7.1.3 on hppa2.0-hp-hpux10.20, compiled by
GCC2.95.3
(1 row)
test71=# create user foo;
CREATE USER
test71=# create user bar;
CREATE USER
test71=# \c - foo
You are now connected as new user foo.
test71=> create table accounts (f1 int);
CREATE
test71=> insert into accounts values(1);
INSERT 1587112 1
test71=> revoke all on accounts from public;
CHANGE
test71=> \z accounts
Access privileges for database "test71" Table | Access privileges
----------+-------------------accounts | {"=","foo=arwR"}
(1 row)
test71=> select * from accounts;f1
---- 1
(1 row)
test71=> \c - bar
You are now connected as new user bar.
test71=> select * from accounts;
ERROR: accounts: Permission denied.
test71=> update accounts set f1 = 2;
ERROR: accounts: Permission denied.
test71=>
Perhaps your "any user" is actually a superuser?
regards, tom lane