"Alexander James Spence [axs]" <axs@aber.ac.uk> wrote:
> will have to create around 200+ users and user databases for
> student project use. I have tried all sorts of GRANT and REVOKE
> combinations but for the life of me cannot stop other users from
> creating tables in a database that is not their own.
test=# create user xxx;
CREATE ROLE
test=# create database xxx owner xxx;
CREATE DATABASE
test=# \c xxx
You are now connected to database "xxx" as user "kgrittn".
xxx=# revoke create on database xxx from public;
REVOKE
xxx=# revoke create on schema public from public;
REVOKE
xxx=# grant create on schema public to xxx;
GRANT
You might also want to limit connection rights in pg_hba.conf
-Kevin