On 18/08/2011 12:35 AM, John R Pierce wrote:
> On 08/17/11 7:40 AM, Merlin Moncure wrote:
>> GRANT/REVOKE only constrain read/write privileges to a database.
>
> at a table level, and even distinguishing between INSERT (writing new
> data) and UPDATING (updating existing data).
Column level, actually :-) and they can control read access as well as
write access.
Further control for writes can be applied using triggers that RAISE
EXCEPTION when they don't like something.
--
Craig Ringer