Heni Lolov <hal_bg@yahoo.com> writes:
> ive tried :
> revoke all ON schema public from hal;
> but does not work. Why?
You'd need to revoke the permissions from PUBLIC; they were never granted
specifically to hal, thus the above revoke is a no-op.
Don't forget to revoke CREATE at the database level, too, else a user
can just create his own schema. Perhaps also revoke TEMP, depending on
whether you'd like to forbid temporary tables as well.
In short, something like
revoke create on schema public from public;
revoke create,temp on database mydb from public;
should give you a database in which users can't create anything.
regards, tom lane